Solved: ACL with schedule

marcio.tormente · ‎03-31-2015

Dear,

I have a customer who want deny a service with schedule, he can´t do it on firewall, for this reason he want block a traffic from the main office to a small office across MPLS link.

The Idea is deny this traffic on catalyst 4507 that is connected on MPLS link for a specific time.

I saw in Cisco's web site about Kron, but to be honest I didn´t understand.

Anyone know anything that I can make on 4507 to solve this problem?

Thanks

Karsten Iwen · ‎03-31-2015

If I remember right, the Cat 4500 also supports time-based ACL. If thats the case something like the following should work:

time-range workhours
 periodic weekdays 8:00 to 18:00

ip access-list extended TEST
 deny tcp any any eq www time-range workhours
 permit ip any any

interface gigabitethernet3/0/1
 ip access-group TEST out

View solution in original post

Karsten Iwen · ‎03-31-2015

If I remember right, the Cat 4500 also supports time-based ACL. If thats the case something like the following should work:

time-range workhours
 periodic weekdays 8:00 to 18:00

ip access-list extended TEST
 deny tcp any any eq www time-range workhours
 permit ip any any

interface gigabitethernet3/0/1
 ip access-group TEST out

marcio.tormente · ‎03-31-2015

Thanks Karsten,

I made a test with time-base with one line and works fine, but when I did with 02 lines, didn't work.

I'll try one more time.

Thanks