Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
314
Views
0
Helpful
4
Replies

Schedule port and IP access

crazydt73
Level 1
Level 1

‎11-16-2004 10:06 PM - edited ‎03-09-2019 09:28 AM

I hope this is not a stupid question, but I was wondering if the pix501 or pix506E supports port and ip address access schedules for inbound and outbound traffic. I would like to open and close ports for a particular web server at certain times during the day. Maybe you can point me to some documentation that describes this?

Labels:
0 Helpful
4 Replies 4

sachinraja
Level 9
Level 9

‎11-17-2004 01:29 AM

hello...

I dont think you can configure time-based access-lists on PIX. You can very well do this on routers, using the time-range command and associating it with an extended or named access-list...

I would advice you to do this at the perimeter router than on PIX.

Anyway, when you use a Access-list control manager with Cisco works, you can schedule to upload access-lists on specified times. this is the only way that i can think of.... you need to purchase cisco LMS solution for this !!!

This URL describes the time range configurations in ACL manager:

http://cisco.com/en/US/products/sw/cscowork/ps402/products_user_guide_chapter09186a00801fcdc1.html#wp111183

Hope this helps !!

All the best !!!

0 Helpful

crazydt73
Level 1
Level 1
In response to sachinraja

‎11-17-2004 04:46 PM

Thanks for the info, I will take a look at it!!!

0 Helpful

aftermath
Level 1
Level 1

‎11-17-2004 02:17 AM

First, there is never a stupid question in this field.

Although you can't time configure a PIX, Cisco has a tool called CSACS, ( Cisco Secure Access Control Server ). It is software that you can add to a Windows Server, that allows AAA ( Authentication, Authorization, and Accounting ). In ACS there is a platform called 'Network Access Restrictions' that allows you to add, modify, and monitor IP based usage. Now, this will take some time, and study on your part, but this is an excellent tool. I have provided a couple of links to get you started.

Hope this helps.

http://www.cisco.com/en/US/products/sw/secursw/ps5338/prod_bulletin09186a00800e689b.html

http://www.cisco.com/en/US/products/sw/secursw/ps2086/products_qanda_item0900aecd80108148.shtml

http://www.cisco.com/en/US/products/sw/secursw/ps5338/products_installation_and_configuration_guide_chapter09186a0080193aa0.html

0 Helpful

crazydt73
Level 1
Level 1
In response to aftermath

‎11-17-2004 04:45 PM

Thanks for the info I will take a look at it!!!

0 Helpful
Customers Also Viewed These Support Documents