Q

Configuring a distributed time-based ACL

I have a router which auto-dials into an access server for connectivity. I have applied a time-based ACL, which

defines the interesting traffic and the hours during which it should be allowed to pass. However, the ACL is not working properly as interesting traffic appears to still be allowed at all times. I have pasted the ACL below and the time-range specifications. The ACL is applied to the async interface on the router dialing out.

*****
 access-list 100 remark ACL for Async interesting traffic definition
 access-list 100 permit ip any host 255.255.255.255 time-range dial-up-hours
 access-list 100 deny ip any host 255.255.255.255
 access-list 100 permit ip any any
dialer-list 1 protocol ip list 100

time-range dial-up-hours
 absolute start 00:00 05 October 2003
 periodic Saturday 1:30 to 13:30
 periodic Sunday 1:30 to 13:30
 periodic Monday 1:30 to 13:30
 periodic Tuesday 1:30 to 13:30
 periodic Wednesday 1:30 to 13:30
 periodic Thursday 1:30 to 13:30
 periodic Friday 1:30 to 13:30
*****

Thanks in advance!
In your dialer list you have specified all IP traffic so any packet will trigger the link. You can create an access-list and call that access-list in your dialer list so that only required traffic kicks the link up.

This was first published in November 2003

Dig deeper on LANs (Local Area Networks)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchSDN

SearchEnterpriseWAN

SearchUnifiedCommunications

SearchMobileComputing

SearchDataCenter

SearchITChannel

Close