/ip firewall address-list add list=mylocaladdr address=10.7.100.0/15
it won’t let me add this in the gui… it changes it to 123.123.123.123 and when i try to do it in terminal it gives me 10.6.0.0/15.
I know this subnet sucks (not me, the other admin set it up 
) but why wont it let me add it…
for now i cant finish my firewall script
It won’t add it because it’s not a valid subnet.For the IP address and subnet you’ve supplied the network address is 10.6.0.0. First available host address is 10.6.0.1; last address is 10.7.255.254.
Regards
Andrew
hm ,i dont quite get what you are saying.
the other admin set up 10.7.100.* amd 10.7.101.* to be usable.. 10.7.100.0 / 255.255.254.0
Are you sure that you want to add 131072 hosts to the address list? The reason why it does not work for you is that 10.7.100.0/15 is not the network address. Tell us the address space you want to add to the list.
Edit: If it is 512 addresses (10.7.100.01 - 10.7.101.254) you want to add, try 10.7.100.0/23 and it will work out for you.
hm.. i think i’m confused. i’m just adding address ranges to my firewall script so I can allow my internal addresses. i am allowing 172.16.0.0/24 and wanted to allow 10.7.100.0/15 … we have computers inside in the range of 10.7.100.1 - 10.7.101.254
my understanding was that the range i just said it 10.7.100.0/15 … i could be wrong, but i checked it with http://www.subnet-calculator.com/subnet.php?net_class=A 10.7.100.1 with a subnet mask of 255.255.254.0 is the range that i just stated.. i thought.
did that help ? i am not trying to add a particular address.. i’m trying to add a range.
If that is the case, use this one 10.7.100.0/23 and it will be correct.
ah damn.. i had my bits backwards on the c octet … thanks!