Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
358
Views
0
Helpful
5
Replies

Do Cisco switches have this security function?

alexmchau
Level 1
Level 1

‎02-17-2008 12:58 PM - edited ‎03-05-2019 09:12 PM

During the course of studying, I came across some security features for switch ports. I am about to put a Cisco switch on my home network and would like to specify the time of day that a client PC can use the port. (e.g. the port is allow traffic from 9am-6pm, the port would shutdown other times.) Is there such a feature with Cisco switches? If yes, what is the minimum IOS version supports it?

Thanks. - AC

Labels:
0 Helpful
5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

‎02-17-2008 01:50 PM

You need to get familiar with 802.1x

http://www.cisco.com/en/US/products/ps6662/products_ios_protocol_option_home.html

HTH,

__

Edison.

0 Helpful

alexmchau
Level 1
Level 1
In response to Edison Ortiz

‎02-18-2008 05:55 AM

Thanks. That's good information. But I think this is overkill in SOHO. I do have a need to limit the WWW access to my kids. I have another simple idea to use a router instead. I'm going to put the kid's PCs on a different subnet and put a router in between. Original network on E0/0, kid's network on E0/1. Using Time-based ACL, I should be able to limit the access as follows:-

Interface E0/0

IP address 192.168.0.2 255.255.255.0

IP access-group 101 in

access-list 101 deny TCP any any eq WWW

time-range no_http

access-list 101 permit IP any any

time-range no_http

periodic daily 20:00 to 08:59

Comments? Anyone? Thanks.

- AC

0 Helpful

alexmchau
Level 1
Level 1
In response to alexmchau

‎02-18-2008 05:56 AM

Thanks. That's good information. But I think this is overkill in SOHO. I do have a need to limit the WWW access to my kids. I have another simple idea to use a router instead. I'm going to put the kid's PCs on a different subnet and put a router in between. Original network on E0/0, kid's network on E0/1. Using Time-based ACL, I should be able to limit the access as follows:-

Interface E0/0

IP address 192.168.0.2 255.255.255.0

IP access-group 101 in

access-list 101 deny TCP any any eq WWW time-range no_http

access-list 101 permit IP any any

time-range no_http

periodic daily 20:00 to 08:59

Comments? Anyone? Thanks.

- AC

0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to alexmchau

‎02-18-2008 07:28 AM

Definitely an overkill for SOHO, I was not aware of your target audience :)

Time-Based ACL should do the trick if you want to block internet browsing during certain hours.

One thing to keep in mind, internet is not only done via port 80. There are bunch of applications out there that do not rely on port 80. If you don't want your kids out of your network, just deny ip any any on that subnet and just allow yourself :)

__

Edison.

0 Helpful

alexmchau
Level 1
Level 1
In response to Edison Ortiz

‎02-18-2008 11:51 AM

Already thought of that but there are a few school related software that would need to run with an internet connection. It is just WWW access that I would need to restrict at this time. This will make them more focus on the school work. Unless my kids figure out how to hack around, I think WWW restriction is all we need at this time.

Thanks. - AC

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card