A topology map
Second, the configuration commands
First time before the start of modification.
Configuring time-range
r1(config)#time-range TELNET
r1(config-time-range)#periodic weekdays 9:00 to 17:00
Description: The time range is defined as Monday through Friday, 9:00 to 17:00
2. Configure ACL
Description: Configure R1 refuse telnet R2 to R4 in the above time, by all other traffic.
r1(config)#access-list 150 deny tcp host 10.118.1.2 any eq 23 time-range TELNET
r1(config)#access-list 150 permit ip any any
- Application ACL
r1(config)#int f0/0
r1(config-if)#ip access-group 150 in
- Time traffic conditions within the test range
( 1) view the current time R1
Description: Thursday current time is 14:34, i.e., the time range configured.
( 2) Test R2 to R4 initiated telnet session
Note: It can be seen within a predetermined time range, R2 to R4 is initiated telnet session is rejected.
( 3) testing of other traffic except telnet
R2 # ping 14.1.1.4
Note: It can be seen within a predetermined time, in addition than telnet, other unrestricted flow.
( 4) In addition to the test device R2 telnet where
说明:可以看到,除R2之外,其它设备telnet并不受限制。
5.测试时间范围外的流量情况
说明:在时间范围之外,所限制的流量被放开。
至此,基于时间的ACL已经配置完毕