+- How2pass.com Forums (https://www.how2pass.com/forum)
+-- Forum: CCNP (https://www.how2pass.com/forum/forum-6.html)
+--- Forum: CCNP ENARSI 300-410 Forum (https://www.how2pass.com/forum/forum-15.html)
+--- Thread: AR374 (/thread-2551.html)
AR374 - chewosaurus - 08-26-2025
Disagree with the answer which states DNS is the issue.
The inbound ACL ends with
permit ip 10.66.42.0 0.0.0.255 any ⟵ wrong subnet
permit ip 10.66.46.0 0.0.0.255 any ⟵ only half the /23
Effect: clients that land in 10.66.47.0/24 are implicitly denied on the inbound ACL, so “not all guests” can reach the internet (they still get DHCP because bootpc/bootps are permitted).
Seems like to me, the answer should be fixing the /24 wildcard to a /23 on the inbound ACL.
Thanks.
RE: AR374 - help_desk - 08-29-2025
The question has been corrected. Thank you!