Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2193
Views
0
Helpful
2
Replies

Time range access-list problem

aadilovic
Level 1
Level 1

‎08-09-2007 03:13 AM

I made this access-list:

Standard IP access list 1

10 permit any (135 matches)

Extended IP access list RadniSati

1 permit tcp 192.168.0.0 0.0.0.255 any eq smtp

2 permit tcp 192.168.0.0 0.0.0.255 any eq pop3

10 permit ip host 192.168.0.40 any time-range RadniSati2 (inactive)

20 permit ip host 192.168.0.42 any time-range RadniSati2 (inactive)

30 permit ip host 192.168.0.50 any time-range RadniSati2 (inactive)

40 permit ip host 192.168.0.51 any time-range RadniSati2 (inactive)

50 permit ip host 192.168.0.52 any time-range RadniSati2 (inactive)

60 permit ip host 192.168.0.57 any time-range RadniSati2 (inactive)

70 permit ip host 192.168.0.58 any time-range RadniSati2 (inactive)

80 permit ip host 192.168.0.59 any time-range RadniSati2 (inactive)

90 permit ip host 192.168.0.60 any time-range RadniSati2 (inactive)

100 permit ip host 192.168.0.9 any time-range RadniSati (active) (16 matches)

110 permit ip host 192.168.0.10 any time-range RadniSati (active)

120 permit ip host 192.168.0.12 any time-range RadniSati (active)

130 permit ip host 192.168.0.111 any time-range RadniSati (active) (573 matches)

140 permit ip host 192.168.0.153 any time-range RadniSati (active) (190 matches)

150 permit ip host 192.168.0.15 any time-range RadniSati (active) (9 matches)

160 permit ip host 192.168.0.16 any time-range RadniSati (active)

170 permit ip host 192.168.0.14 any time-range RadniSati (active)

180 permit ip host 192.168.0.24 any time-range RadniSati (active) (170 matches)

190 permit ip host 192.168.0.20 any time-range RadniSati (active)

200 permit ip host 192.168.0.21 any time-range RadniSati (active) (3 matches)

210 permit ip host 192.168.0.3 any time-range RadniSati00-24 (active) (669 matches)

220 permit ip host 192.168.0.23 any time-range RadniSati00-24 (active) (199 matches)

230 permit ip host 192.168.0.61 any time-range RadniSati00-24 (active)

240 permit ip host 192.168.0.82 any time-range RadniSati00-24 (active)

250 permit ip host 192.168.0.41 any time-range RadniSati00-24 (active) (3 matches)

260 permit ip host 192.168.0.62 any time-range RadniSati00-24 (active) (12 matches)

270 permit ip host 192.168.0.65 any time-range RadniSati00-24 (active)

280 permit ip host 192.168.0.66 any time-range RadniSati00-24 (active) (48 matches)

The problem is that this ACL is working only for 2 days and then it stops. I have then to take the acl out of the interface and put it back in.

interface Vlan1

ip address 192.168.0.1 255.255.255.0

ip access-group RadniSati in

ip nat inside

ip virtual-reassembly

Router is 876 and IOS c870-adventerprisek9-mz.124-6.T5

Labels:
0 Helpful
2 Replies 2

gmarogi
Level 5
Level 5

‎08-14-2007 01:46 PM

The time range relies on the software clock of the routing device. For the time range feature to work the way you intend, you need a reliable clock source. We recommend that you use Network Time Protocol (NTP) to synchronize the software clock of the routing device

http://www.cisco.com/en/US/products/sw/iosswrel/ps1839/products_feature_guide09186a0080087ae5.html

0 Helpful

sundar.palaniappan
Level 10
Level 10
In response to gmarogi

‎08-14-2007 04:25 PM

Can you post the time range configuration?

What type of router is this and when ACL doesn't work were you seeing any problems like high CPU etc..?

0 Helpful
Customers Also Viewed These Support Documents