Time-based ACLs

Continuing on to our security basics, this time with ACLs. When I was studying for my CCNA almost 3 years ago, it made mention of time-based policies, but not once in any lab manual was I able to encounter what one looked like.

Well, here it is. Imagine you are managing your network (a really neat application would be your own internet connection at home). You can create a policy that limits the times at which the internet can be accessed through your router. You can even go further and be specific about websites, but for simplicity's sake we'll just limit all internet access.

Obviously, for this to really work, make sure that your router's clock is in sync with the correct time.

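conf t
!
! Active Monday, Wednesday and Friday, 0:00-7:00 and 18:00-23:54
time-range NO_INTERNET_WEEKDAYS
 periodic Monday Wednesday Friday 0:00 to 7:00
 periodic Monday Wednesday Friday 18:00 to 23:54
!
! Active Saturday and Sunday, 7:00-15:00
time-range NO_INTERNET_WEEKEND
 periodic weekend 7:00 to 15:00
!
! "eq www" matches TCP port 80 only; HTTPS (TCP 443) and all other
! traffic still falls through to the final permit
ip access-list extended NO_INTERNET_TIME
 deny tcp any any eq www time-range NO_INTERNET_WEEKDAYS
 deny tcp any any eq www time-range NO_INTERNET_WEEKEND
 permit ip any any
!
int fa0/0
 description WAN
 ip access-group NO_INTERNET_TIME out
!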
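
To check which hours the policy really covers before applying it, here is a small Python model of the two time ranges and the ACL's first-match logic. It is an added example, not part of the original post and not Cisco code. It assumes the `periodic <days> hh:mm to hh:mm` form of the command and treats the end minute as inclusive; the function names and the sample dates are made up for illustration.

```python
from datetime import datetime

# Constructed input: the post's time ranges in `periodic <days> hh:mm to hh:mm` form.
TIME_RANGES = {
    "NO_INTERNET_WEEKDAYS": ["periodic Monday Wednesday Friday 0:00 to 7:00",
                             "periodic Monday Wednesday Friday 18:00 to 23:54"],
    "NO_INTERNET_WEEKEND": ["periodic weekend 7:00 to 15:00"],
}
DAYS = {d: i for i, d in enumerate(
    ["monday", "tuesday", "wednesday", "thursday", "friday", "saturday", "sunday"])}
GROUPS = {"daily": set(range(7)), "weekdays": set(range(5)), "weekend": {5, 6}}

def to_minutes(hhmm):
    hours, minutes = hhmm.split(":")
    return int(hours) * 60 + int(minutes)

def parse_periodic(line):
    """Return (days, start, end) for a same-day `periodic` entry."""
    words = line.lower().split()
    if len(words) < 5 or words[0] != "periodic" or words[-2] != "to":
        raise ValueError(f"unsupported periodic entry: {line!r}")
    days = set()
    for word in words[1:-3]:
        if word in GROUPS:
            days |= GROUPS[word]
        elif word in DAYS:
            days.add(DAYS[word])
        else:
            raise ValueError(f"unknown day keyword: {word!r}")
    return days, to_minutes(words[-3]), to_minutes(words[-1])

def range_active(name, when):
    """True if any periodic entry of the named time-range covers `when`."""
    now = when.hour * 60 + when.minute
    # Assumption: the end minute is inclusive (active through hh:mm:59).
    return any(when.weekday() in days and start <= now <= end
               for days, start, end in map(parse_periodic, TIME_RANGES[name]))

def http_verdict(when):
    """First-match result of NO_INTERNET_TIME for a TCP port 80 packet."""
    for name in ("NO_INTERNET_WEEKDAYS", "NO_INTERNET_WEEKEND"):
        if range_active(name, when):
            return f"deny ({name})"
    return "permit (permit ip any any)"

if __name__ == "__main__":
    for stamp in ("2024-01-01 06:30", "2024-01-02 20:00",
                  "2024-01-05 23:57", "2024-01-06 10:00"):
        print(stamp, http_verdict(datetime.fromisoformat(stamp)))
```

Running it shows the gaps in the schedule: Tuesday and Thursday are never matched, and the last minutes of the evening after 23:54 are permitted.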
