Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
488
Views
5
Helpful
2
Replies

deny pc access to web

jonl711
Level 1
Level 1

‎05-29-2013 12:05 AM - edited ‎07-04-2021 12:08 AM

I need assistance in developing a acl that can block a computer on the LAN from accessing the internet from midnight to 7am everyday. The router is a 857W, the computer is 192.168.2.33 the internal gw 192.168.2.254 (dialer 1 is 1.2.3.4).
acl 101 deny tcp host 192.168.2.33 eq www

what I need to figure out is how to add a time based acl to just this computer.

thanks


Sent from Cisco Technical Support iPad App

Labels:
0 Helpful
2 Replies 2

Chris Illsley
Level 3
Level 3

‎05-29-2013 12:46 AM

Hi,

This is wireless so not really the right place, but I think the below would work:

access-list 101 deny tcp host 192.168.2.33 eq www time-range NIGHTTIME

time-range NIGHTTIME

absolute 0:00 7:00

Cheers

Chris

Abhishek Abhishek
Cisco Employee
Cisco Employee

‎05-29-2013 03:01 PM

Hello Jon,

As per your query i can suggest you the following solution-

Time-Based ACLs Using Time Ranges

Time-based ACLs were introduced in Cisco IOS Software Release 12.0.1.T. While similar to extended ACLs in function, they allow for access control based on time. A time range is created that defines specific times of the day and week in order to implement time-based ACLs. The time range is identified by a name and then referenced by a function. Therefore, the time restrictions are imposed on the function itself. The time range relies on the router system clock. The router clock can be used, but the feature works best with Network Time Protocol (NTP) synchronization.

These are time-based ACL commands.

!--- Defines a named time range.

time-range time-range-name

!--- Defines the periodic times.

periodic days-of-the-week hh:mm to [days-of-the-week] hh:mm

      

!--- Or, defines the absolute times.

absolute [start time date] [end time date]

!--- The time range used in the actual ACL.

ip access-list name|number time-rangename_of_time-range 

In this example, a Telnet connection is permitted from the inside to outside network on Monday, Wednesday, and Friday during business hours:

interface Ethernet0/0

ip address 10.1.1.1 255.255.255.0

ip access-group 101 in     

access-list 101 permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255       

eq telnet time-range EVERYOTHERDAY 

time-range EVERYOTHERDAY

periodic Monday Wednesday Friday 8:00 to 17:00

Hope this will help you.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card