Table of Contents
Advertisement
Configuring Filters Using the Web-Browser Interface
Click Apply.
Step 6
Creating a Time-Based ACL
Time-based ACLs are ACLs that can be enabled or disabled for a specific period of time. This capability
provides robustness and the flexibility to define access control policies that either permit or deny certain
kinds of traffic.
This example illustrates how to configure a time-based ACL through the CLI, where Telnet connection
is permitted from the inside to the outside network on weekdays during business hours:
Note
A time-based ACL can be defined either on the Fast Ethernet port or on the Radio port of the Aironet
AP, based on your requirements. It is never applied on the Bridge Group Virtual Interface (BVI).
Follow these steps to create a time-based ACL.
Log in to the AP through the CLI.
Step 1
Use the console port or Telnet in order to access the ACL through the Ethernet interface or the wireless
Step 2
interface.
Enter global configuration mode.
Step 3
Create a Time Range. For this example, Test:
Step 4
Create a time-range:
Step 5
Create an ACL . For this example, 101:
Step 6
Apply the time-based ACL to the Ethernet interface:
Step 7
Cisco IOS Software Configuration Guide for Cisco Aironet Access Points
16-8
AP<config>#time-range Test
AP<config>#time-range periodic weekdays 7:00 to 19:00
Allows access to users during weekdays from 7:00 to 19:00 hrs.
Note
AP<config># ip access-list extended 101
AP<config-ext-nacl>#permit tcp 10.1.1.0 0.0.0.255 172.16.1.0 0.0.0.255 eq telnet time-range
Test
This ACL permits Telnet traffic to and from the network for the specified time-range Test.
Note
It also permits a Telnet session to the AP on weekdays.
interface Ethernet0/0
ip address 10.1.1.1 255.255.255.0
ip access-group 101 in
Chapter 16
Configuring Filters
OL-14209-01
- Quick Links:
- Repeater Access Point
Hide quick links:
Advertisement
Table of Contents
