cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
237
Views
5
Helpful
2
Replies
Beginner

deny pc access to web

I need assistance in developing a acl that can block a computer on the LAN from accessing the internet from midnight to 7am everyday. The router is a 857W, the computer is 192.168.2.33 the internal gw 192.168.2.254 (dialer 1 is 1.2.3.4).
acl 101 deny tcp host 192.168.2.33 eq www

what I need to figure out is how to add a time based acl to just this computer.

thanks


Sent from Cisco Technical Support iPad App

2 REPLIES 2
Highlighted
Participant

deny pc access to web

Hi,

This is wireless so not really the right place, but I think the below would work:

access-list 101 deny tcp host 192.168.2.33 eq www time-range NIGHTTIME

time-range NIGHTTIME

absolute 0:00 7:00

Cheers

Chris

Highlighted
Rising star

deny pc access to web

Hello Jon,

As per your query i can suggest you the following solution-

Time-Based ACLs Using Time Ranges

Time-based ACLs were introduced in Cisco IOS Software Release 12.0.1.T. While similar to extended ACLs in function, they allow for access control based on time. A time range is created that defines specific times of the day and week in order to implement time-based ACLs. The time range is identified by a name and then referenced by a function. Therefore, the time restrictions are imposed on the function itself. The time range relies on the router system clock. The router clock can be used, but the feature works best with Network Time Protocol (NTP) synchronization.

These are time-based ACL commands.

!--- Defines a named time range.

time-range time-range-name

!--- Defines the periodic times.

periodic days-of-the-week hh:mm to [days-of-the-week] hh:mm

      

!--- Or, defines the absolute times.

absolute [start time date] [end time date]

!--- The time range used in the actual ACL.

ip access-list name|number time-rangename_of_time-range 

In this example, a Telnet connection is permitted from the inside to outside network on Monday, Wednesday, and Friday during business hours:

interface Ethernet0/0

ip address 10.1.1.1 255.255.255.0

ip access-group 101 in     

access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255       

eq telnet time-range EVERYOTHERDAY 

time-range EVERYOTHERDAY

periodic Monday Wednesday Friday 8:00 to 17:00

Hope this will help you.

CreatePlease to create content
Content for Community-Ad

This widget could not be displayed.