RE: Time Range ACLs - 17:59 or 18:00 ???

From: ZeroFlash (Fire_Ice@verizon.net)
Date: Tue May 30 2006 - 12:38:16 ART

• Next message: Jai Prakash: "Re: direction of applying NBAR for http"
• Previous message: Jai Prakash: "Re: Passed CCIE in Brussels yesterday."
• Maybe in reply to: darbyweaver@yahoo.com: "Time Range ACLs - 17:59 or 18:00 ???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If the requirement is for 1800 to 0600 then that's the range I would use.
This is telling me that access for FTP is to start at 0601 and end at 1759

Thanks

ZeroFlash
CCIE #16217
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
darbyweaver@yahoo.com
Sent: Monday, May 29, 2006 11:05 PM
To: ccielab@groupstudy.com
Subject: Time Range ACLs - 17:59 or 18:00 ???

I was wondering what the general consensus was with regard to Time-Range
ACLs.

If I wanted to do the following:

Don't permit ftp traffic during weekdays from 18:00 to 06:00.

conf t
ip access-list extended FTP_TOD
deny tcp any any eq www time-range FTP_DAYS
permit ip any any
exit

time-range FTP_DAYS
periodic weekday 18:00 to 05:59
exit

int F0/0
ip access-group FTP_TOD in

or would be this be more accurate:

conf t
ip access-list extended FTP_TOD
deny tcp any any eq www time-range FTP_DAYS
permit ip any any
exit

time-range FTP_DAYS
periodic weekday 18:00 to 06:00
exit

int F0/0
ip access-group FTP_TOD in

• Next message: Jai Prakash: "Re: direction of applying NBAR for http"
• Previous message: Jai Prakash: "Re: Passed CCIE in Brussels yesterday."
• Maybe in reply to: darbyweaver@yahoo.com: "Time Range ACLs - 17:59 or 18:00 ???"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu Jun 01 2006 - 06:33:22 ART