policies will be enabled and disabled at the right time. For more information, please see
Section 2.2, "System Date and Time".
Example 3.43. Setting up a Time-Scheduled Security Policy
This example creates a schedule object for office hours on weekdays, and attaches the object to
an IP Rule that allows HTTP traffic.
Command-Line Interface
gw-world:/> add ScheduleProfile OfficeHours
Mon=8-17 Tue=8-17 Wed=8-17 Thu=8-17 Fri=8-17
Now create the IP rule that uses this schedule.
gw-world:/> add IPRule Action=NAT
Configuration changes must be saved by then issuing an activate followed by a commit
command.
Web Interface
1.
Go to: Policies > Schedules > Add > Schedule
2.
Enter the following:
•
Name: OfficeHours
3.
Select 08-17, Monday to Friday in the grid
4.
Click OK
1.
Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2.
Enter the following:
•
Name: AllowHTTP
3.
Select the following from the dropdown lists:
•
Action: NAT
•
Service: http
•
Schedule: OfficeHours
•
SourceInterface: lan
Service=http
SourceInterface=lan
SourceNetwork=lannet
DestinationInterface=any
DestinationNetwork=all-nets
Schedule=OfficeHours name=AllowHTTP
266
Chapter 3: Fundamentals