Cisco WS-C3550-12G Software Configuration Manual page 426
Multilayer switch
Hide thumbs
Also See for WS-C3550-12G:
- User manual (436 pages) ,
- Manual (278 pages) ,
- Datasheet (19 pages)
Table of Contents
Advertisement
Configuring Router ACLs
and argument are referenced in the named and numbered extended ACL task tables in the previous
sections, the
Standard and Extended ACLs" section on page
These are some of the many possible benefits of using time ranges:
•
•
Note
The time range relies on the switch system clock. For this feature to work the way you intend, you
need a reliable clock source. We recommend that you use Network Time Protocol (NTP) to
synchronize the switch clock. For more information, see the
section on page
Beginning in privileged EXEC mode, follow these steps to configure a time-range parameter for an
ACL:
Command
Step 1
configure terminal
Step 2
time-range time-range-name
Step 3
absolute [start time date]
[end time date]
or
periodic day-of-the-week hh:mm to
[day-of-the-week] hh:mm
or
periodic {weekdays | weekend | daily}
hh:mm to hh:mm
Step 4
end
Step 5
show time-range
Step 6
copy running-config startup-config
To remove a configured time-range limitation, use the no time-range time-range-name global
configuration command.
Repeat the steps if you have multiple items that you want in effect at different times. This example shows
how to configure time ranges for workhours and for company holidays and how to verify your
configuration.
Switch(config)# time-range workhours
Switch(config-time-range)# periodic weekdays 8:00 to 12:00
Switch(config-time-range)# periodic weekdays 13:00 to 17:00
Switch(config-time-range)# exit
Switch(config)# time-range new_year_day_2000
Switch(config-time-range)# absolute start 00:00 1 Jan 2000 end 23:59 1 Jan 2000
Catalyst 3550 Multilayer Switch Software Configuration Guide
19-16
"Creating Standard and Extended IP ACLs" section on page
You have more control over permitting or denying a user access to resources, such as an application
(identified by an IP address/mask pair and a port number).
You can control logging messages. ACL entries can log traffic at certain times of the day, but not
constantly. Therefore, you can simply deny access without needing to analyze many logs generated
during peak hours.
6-32.
Purpose
Enter global configuration mode.
Identify the time-range by a meaningful name, and enter time-range
configuration mode. The name cannot contain a space or quotation mark
and must begin with a letter.
Specify when the function it will be applied to is in effect. Use some
combination of these commands; multiple periodic statements are
allowed; only one absolute statement is allowed. If more than one
absolute statement is configured, only the one configured last is
executed.
Return to privileged EXEC mode.
Verify the time-range configuration.
(Optional) Save your entries in the configuration file.
Chapter 19
Configuring Network Security with ACLs
19-6, and the
19-14.
"Managing the System Time and Date"
"Creating Named
78-11194-03
- Quick Links:
- Table of Contents
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
