Orbit-Computer Solutions.Com

Computer Training & Networking Solutions
Chika Nwokeoma, EzineArticles.com Basic Author < <
 
IP
 
 
 

Time-based ACLs

What are Time-based ACLs?

Time-based ACLs are types of control lists that allow for network access based on time or day. Its function is similar to that of the extended ACLs. Time-based ACLs is implemented by creating a time range that defines specific times of the day and week. This time range created have to be identified with a specific name and then refer to it by a function. The time restrictions are imposed on the function itself.

Time-based ACLs are especially useful when you want to place restriction(s) on inbound or outbound traffic based on the time of day. For example, you might apply time-based ACLs if you wanted to only allow access to the Internet during a particular time of the day or allow access to a particular server only during work hours. The time range relies on the router system clock. The feature works best with Network Time Protocol (NTP) synchronization, but the router clock can be used.

Advantages of Time-based ACLs

Time-based ACLs have many advantages, such as:

  • It offers the network administrator more control over permitting or denying access to resources.
  • Allows a network administrator to control logging messages. ACL entries can log traffic at certain times of the day, but not constantly. Therefore, administrators can simply deny access without analyzing the many logs that are generated during peak hours.

Time Based ACL Configuration Example

The following example shows the steps that are required. In the example, a Telnet connection is permitted from the inside network to the outside network on Monday, Wednesday, and Friday during business hours.
 
Time-base ACLs

Time-base ACLs

Step-by-Step Configuration of Time-base ACLs

Step 1.
Define the time range to implement the ACL and give it a name-EVERYOTHERDAY, in this case.
 
R3#config t
R3(config)#time-range WEBNETDAY
R3(config-time-range)#periodic Monday Wednesday Friday 9.00 to 17.00
 
Step 2.
Apply the time range to the ACL.

R3(config)#access-list 101 permit tcp 192.168.2.0 0.0.0.255 any eq telnet time-range WEBNETDAY

Step 3.
Apply the ACL to the interface.
 
R3(config)#interface s0/0/0
R3(config-if)#ip access-group 101 out
 
 
 
 
 
 
 
 
 

        

  

 
Copyright 2009 - 2010. Orbit-Computer-Solutions.Com. All rights reserved.   Web Links  Privacy Policy  
 
The information provided on this website is for informational purposes only. Orbit-computer-solutions.com makes no warranties, either expressed or implied,
 with respect to any information contained on this website.
Orbit computer solutions.com reserves the right to change this policy at any time without prior notice.
Cisco and All related product mentioned in any portion of this website are the registered trademarks of Cisco.com their respective owners.
Microsoft Windows and All related products mentiond in any portion of this website are registered trademark of Microsoft Corporation.
 
Please email questions and comment to webmaster: toureg11@googlemail.com