Problem solve Get help with specific problems with your technologies, process and projects.

Configuring a distributed time-based ACL

I have a router which auto-dials into an access server for connectivity. I have applied a time-based ACL, which defines the interesting traffic and the hours during which it should be allowed to pass. However, the ACL is not working properly as interesting traffic appears to still be allowed at all times. I have pasted the ACL below and the time-range specifications. The ACL is applied to the async interface on the router dialing out.

 access-list 100 remark ACL for Async interesting traffic definition
 access-list 100 permit ip any host time-range dial-up-hours
 access-list 100 deny ip any host
 access-list 100 permit ip any any
dialer-list 1 protocol ip list 100

time-range dial-up-hours
 absolute start 00:00 05 October 2003
 periodic Saturday 1:30 to 13:30
 periodic Sunday 1:30 to 13:30
 periodic Monday 1:30 to 13:30
 periodic Tuesday 1:30 to 13:30
 periodic Wednesday 1:30 to 13:30
 periodic Thursday 1:30 to 13:30
 periodic Friday 1:30 to 13:30

Thanks in advance!
In your dialer list you have specified all IP traffic so any packet will trigger the link. You can create an access-list and call that access-list in your dialer list so that only required traffic kicks the link up.

This was last published in November 2003

Dig Deeper on Network Infrastructure

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.