Cisco ASA 5505 User Manual

Page 380

Advertising
background image

13-18

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 13 Configuring Objects

Scheduling Extended Access List Activation

Example

The following example binds an access list named “Sales” to a time range named “New_York_Minute”:

hostname(config)# access-list Sales line 1 extended deny tcp host 209.165.200.225 host

209.165.201.1 time-range New_York_Minute

Configuration Examples for Scheduling Access List Activation

The following is an example of an absolute time range beginning at 8:00 a.m. on January 1, 2006.
Because no end time and date are specified, the time range is in effect indefinitely.

hostname(config)# time-range for2006

hostname(config-time-range)# absolute start 8:00 1 january 2006

The following is an example of a weekly periodic time range from 8:00 a.m. to 6:00 p.m on weekdays:

hostname(config)# time-range workinghours

hostname(config-time-range)# periodic weekdays 8:00 to 18:00

Feature History for Scheduling Access List Activation

Table 13-3

lists each feature change and the platform release in which it was implemented.

absolute start time date [end time date]

Example:

hostname(config-time-range)# absolute

start 7:59 2 january 2009

Specifies an absolute time range.

The time is in the format hh:mm. For example, 8:00 is 8:00 a.m.
and 20:00 is 8:00 p.m.

The date is in the format day month year; for example, 1 january
2006.

Step 3

access-list

access_list_name [extended]

{deny | permit}...[time-range name]

Example:

hostname(config)# access list Marketing

extended deny tcp host 209.165.200.225

host 209.165 201.1 time-range

Pacific_Coast

Applies the time range to an ACE.

Note

If you also enable logging for the ACE, use the log
keyword before the time-range keyword. If you disable
the ACE using the inactive keyword, use the inactive
keyword as the last keyword.

See

Chapter 15, “Adding an Extended Access List,”

for complete

access-list command syntax.

Command

Purpose

Table 13-3

Feature History for Scheduling Access List Activation

Feature Name

Releases

Feature Information

Scheduling access list activation

7.0

You can schedule each ACE in an access list to be activated
at specific times of the day and week.

We introduced or mofied the following commands:
object-group protocol, object-group network,
object-group service, object-group icmp_type.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals