In this example I want to restrict UDP traffic, but only during a specific time range.
We are going to configure our time range. and the requeriment is to match a time period from 9AM to 1PM.
We will configure our time range as periodic daily, and specify the time period of 9:00 to 12:59. (Note: Because of the way the router handles the time range, the ending time of 12:59 will cover through 12:59:59.)
R2(config)#time-range NOUDP R2(config-time-range)#periodic daily 9:00 to 12:59
Now that we have our time-range configured, we can apply it in our access list. We will block UDP traffic during the time range we have created.
R2(config)#access-list 199 deny udp any any time-range NOUDP R2(config)#access-list 199 permit ip any any
Then Apply the ACL to the interface, do not forget to do this =)
R2(config)#int f0/1 R2(config-if)#ip access-group 199 in
time-range entry: NOUDP ((–>inactive<--)) periodic daily 9:00 to 12:59 used in: IP ACL entry [/sourcecode] [sourcecode language='css'] R2#show access-list Extended IP access list 199 10 deny udp any any time-range NOUDP (inactive) 20 permit ip any any (24 matches) [/sourcecode] So let set the clock [sourcecode language='css'] R2#clock set 9:01:00 1 Jun 2008 R2#*Jun 1 09:01:00.000: %SYS-6-CLOCKUPDATE: System clock has been updated from 03:32:45 UTC Mon Jun 15 2008 to 09:01:00 UTC Sat Jun 1 2008, configured from console by console. [/sourcecode] We can determine how that the ACL is active, bloquing UDP Traffic, in the time period specified [sourcecode language='css'] R2#show ip access-list Extended IP access list 199 10 deny udp any any time-range NOUDP (((-->active<--))) 20 permit ip any any (57 matches) [/sourcecode]