Solved: ACL with schedule

marcio.tormente · ‎03-31-2015

Dear,

I have a customer who want deny a service with schedule, he can´t do it on firewall, for this reason he want block a traffic from the main office to a small office across MPLS link.

The Idea is deny this traffic on catalyst 4507 that is connected on MPLS link for a specific time.

I saw in Cisco's web site about Kron, but to be honest I didn´t understand.

Anyone know anything that I can make on 4507 to solve this problem?

Thanks

Karsten Iwen · ‎03-31-2015

If I remember right, the Cat 4500 also supports time-based ACL. If thats the case something like the following should work:

time-range workhours
 periodic weekdays 8:00 to 18:00

ip access-list extended TEST
 deny tcp any any eq www time-range workhours
 permit ip any any

interface gigabitethernet3/0/1
 ip access-group TEST out

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

Karsten Iwen · ‎03-31-2015

If I remember right, the Cat 4500 also supports time-based ACL. If thats the case something like the following should work:

time-range workhours
 periodic weekdays 8:00 to 18:00

ip access-list extended TEST
 deny tcp any any eq www time-range workhours
 permit ip any any

interface gigabitethernet3/0/1
 ip access-group TEST out

--
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

marcio.tormente · ‎03-31-2015

Thanks Karsten,

I made a test with time-base with one line and works fine, but when I did with 02 lines, didn't work.

I'll try one more time.

Thanks