Scheduling Extended Access List Activation - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 16
Identifying Traffic with Access Lists
hostname(config)# access-list OUT remark - this is the hr admin address
hostname(config)# access-list OUT extended permit ip host 209.168.200.4 any
Scheduling Extended Access List Activation
You can schedule each ACE to be activated at specific times of the day and week by applying a time
range to the ACE. This section includes the following topics:
•
•
Adding a Time Range
To add a time range to implement a time-based access list, perform the following steps:
Identify the time-range name by entering the following command:
Step 1
hostname(config)# time-range name
Specify the time range as either a recurring time range or an absolute time range.
Step 2
Multiple periodic entries are allowed per time-range command. If a time-range command has both
absolute and periodic values specified, then the periodic commands are evaluated only after the
absolute start time is reached, and are not further evaluated after the absolute end time is reached.
•
•
The following is an example of an absolute time range beginning at 8:00 a.m. on January 1, 2006.
Because no end time and date are specified, the time range is in effect indefinitely.
hostname(config)# time-range for2006
hostname(config-time-range)# absolute start 8:00 1 january 2006
The following is an example of a weekly periodic time range from 8:00 a.m. to 6:00 p.m on weekdays.:
hostname(config)# time-range workinghours
OL-10088-01
Adding a Time Range, page 16-17
Applying the Time Range to an ACE, page 16-18
Recurring time range:
hostname(config-time-range)# periodic days-of-the-week time to [days-of-the-week] time
You can specify the following values for days-of-the-week:
–
monday, tuesday, wednesday, thursday, friday, saturday, and sunday.
daily
–
weekdays
–
weekend
–
The time is in the format hh:mm. For example, 8:00 is 8:00 a.m. and 20:00 is 8:00 p.m.
Absolute time range:
hostname(config-time-range)# absolute start time date [end time date]
The time is in the format hh:mm. For example, 8:00 is 8:00 a.m. and 20:00 is 8:00 p.m.
The date is in the format day month year; for example, 1 january 2006.
Scheduling Extended Access List Activation
Cisco Security Appliance Command Line Configuration Guide
16-17
Advertisement
Table of Contents
Troubleshooting
