Configuring a time-based acl – Dell POWEREDGE M1000E User Manual

Configuring Access Control Lists

573

Configuring a Time-Based ACL

The following example configures an ACL that denies HTTP traffic from 8:00

pm to 12:00 pm and 1:00 pm to 6:00 pm on weekdays and from 8:30 am to

12:30 pm on weekends. The ACL affects all hosts connected to ports that are

members of VLAN 100. The ACL permits VLAN 100 members to browse the

Internet only during lunch and after hours.
To configure the switch:

1 Create a time range called

work-hours

.

console#config

console(config)#time-range work-hours

2 Configure an entry for the time range that applies to the morning shift

Monday through Friday.

console(config-time-range)#periodic weekdays 8:00

to 12:00

3 Configure an entry for the time range that applies to the afternoon shift

Monday through Friday.

console(config-time-range)#periodic weekdays 13:00

to 18:00

4 Configure an entry for the time range that applies to Saturday and Sunday.

console(config-time-range)#periodic weekend 8:30

to 12:30

console(config-time-range)#exit

5 Create an ACL named

web-limit

that denies HTTP traffic during the

work-hours

time range.

console(config)#access-list web-limit deny tcp any

any eq http time-range work-hours

6 Enter interface configuration mode for VLAN 100 and apply the ACL to

ingress traffic.

console(config)#interface vlan 100

console(config-if-vlan100)#ip access-group web-

limit in

console(config-if-vlan100)#exit

console(config)#exit