Router(config)# time-range time-range-name
Step 2. Specify when this time range will be in effect. Multiple periodic statements are allowed; only one
absolute statement is allowed.
Define an absolute time.
Router(config-time-range)# absolute [start time date] [end time date]
Or define a periodic time.
Router(config-time-range)# periodic days-of-the-week hh:mm to [days-of-the-
week] hh:mm
Step 3. Reference the time range in the extended ACL.
Router(config)# access-list number {permit | deny} source destination time-
range name_of_time_range
Step 4. Apply the ACL to an interface.
Router(config)# interface {interface-name}
Router(config-if)# ip access-group {access-list-number|name} {in | out}
Example 2-7 shows that all IP traffic is being permitted through the network on weekdays (Monday through
Friday) during normal business hours.
Example 2-7. Time-Based ACL Example
interface Ethernet0
ip address 172.16.1.2 255.255.255.0
ip access-group 101 in
access-list 101 permit ip any any time-range mytime
time-range mytime
periodic weekdays 9:00 to 17:00
Distributed Time-Based ACLs
Distributed time-based ACLs were introduced primarily for the high-end routers. Distributed time-based ACLs
were designed to be implemented on the VPN-enabled Cisco 7500 series routers.
Pages:
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101