Configuring and applying time ranges – Cisco ASA 5505 User Manual

Page 379

Advertising
background image

13-17

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 13 Configuring Objects

Scheduling Extended Access List Activation

Additional Guidelines and Limitations

The following guidelines and limitations apply to using object groups with access lists:

Users could experience a delay of approximately 80 to 100 seconds after the specified end time for
the ACL to become inactive. For example, if the specified end time is 3:50, because the end time is
inclusive, the command is picked up anywhere between 3:51:00 and 3:51:59. After the command is
picked up, the ASA finishes any currently running task and then services the command to deactivate
the ACL.

Multiple periodic entries are allowed per time-range command. If a time-range command has both
absolute and periodic values specified, then the periodic commands are evaluated only after the
absolute start time is reached, and they are not further evaluated after the absolute end time is
reached.

Configuring and Applying Time Ranges

You can add a time range to implement a time-based access list. To identify the time range, perform the
steps in this section.

Detailed Steps

Command

Purpose

Step 1

time-range

name

Example:

hostname(config)# time range Sales

Identifies the time-range name.

Step 2

Do one of the following:

periodic

days-of-the-week time to

[days-of-the-week] time

Example

:

hostname(config-time-range)# periodic

monday 7:59 to friday 17:01

Specifies a recurring time range.

You can specify the following values for days-of-the-week:

monday, tuesday, wednesday, thursday, friday, saturday,
or sunday.

daily

weekdays

weekend

The time is in the format hh:mm. For example, 8:00 is 8:00 a.m.
and 20:00 is 8:00 p.m.

Advertising