Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 165
  • Last Modified:

Time-Range

Hi experts,

I created a policy-map to block some websites and it works well, and I created a time-range for every day start from 8 to 4, but I don't know how to include this time range in my policy-map.

Thanks
0
lexmark1
Asked:
lexmark1
  • 4
  • 2
2 Solutions
 
btanExec ConsultantCommented:
0
 
lexmark1Author Commented:
Hi Dear,
Thanks for reply but I want to include my time-range in my existing class-policy to do time for website blocking not time for web surfing.

Thanks
0
 
btanExec ConsultantCommented:
Would it be simply be done in access list instead
uration

ip access-list extended RESTRICTED_SITES

deny ip 172.16.30.0 0.0.0.127 66.220.144.0 0.0.15.255 time-range OFFICE_HRS
deny ip 172.16.30.0 0.0.0.127 204.74.64.0 0.0.63.255 time-range OFFICE_HRS
deny ip 172.16.30.0 0.0.0.127 69.63.176.0 0.0.15.255 time-range OFFICE_HRS
deny ip 172.16.30.0 0.0.0.127 69.171.224.0 0.0.31.255 time-range OFFICE_HRS
permit ip any any
0
NEW Internet Security Report Now Available!

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out this quarters report on the threats that shook the industry in Q4 2017.

 
btanExec ConsultantCommented:
Probably this is a better one
https://supportforums.cisco.com/thread/2070269
0
 
lexmark1Author Commented:
Hi breadtan,

Is there any way to apply time-range in my exist class-map without accees-list?

Thanks
0
 
btanExec ConsultantCommented:
so far time-range need access-list  (in base licence)

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml#timebasedtimerange

Time-Based ACLs Using Time Ranges

Time-based ACLs were introduced in Cisco IOS Software Release 12.0.1.T. While similar to extended ACLs in function, they allow for access control based on time. A time range is created that defines specific times of the day and week in order to implement time-based ACLs. The time range is identified by a name and then referenced by a function. Therefore, the time restrictions are imposed on the function itself. The time range relies on the router system clock. The router clock can be used, but the feature works best with Network Time Protocol (NTP) synchronization.

http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swacl.html#wp1071539
http://www.cisco.com/en/US/docs/security/asa/asa84/configuration/guide/acl_objects.html#wp1525991
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now