The creation of a time range does not restrict access to the device. The time-range command defines the time range only. After a time range is defined, you can attach it to traffic rules or an action.

In order to implement a time-based ACL, use the time-range command to define specific times of the day and week. Then use the with the access-list extended time-range command to bind the time range to an ACL.

The time range relies on the system clock of the security appliance. However, the feature works best with NTP synchronization.

After you have created a time range and entered time-range configuration mode, you can define time range parameters with the absolute and periodic commands. In order to restore default settings for the time-range command absolute and periodic keywords, use the default command in time-range configuration mode.

In order to implement a time-based ACL, use the time-range command to define specific times of the day and week. Then use the with the access-list extended command to bind the time range to an ACL. The next example binds an ACL named "Sales" to a time range named "New York Minute":

This example creates a time range named "New York Minute" and enters time-range configuration mode:

hostname(config)#time-range New_York_Minute

hostname(config-time-range)#periodic weekdays 07:00 to 19:00

hostname(config)#access-list Sales line 1 extended deny ip any any time-range New_York_Minute

hostname(config)#access-group Sales in interface inside