Login only on business hours

Unanswered Question
Apr 17th, 2009
User Badges:
  • Silver, 250 points or more

Hi,

Is there a way in order to enforce the authentication (telnet, shh) on switches and/or routers local or via RADIUS only on business hours?


Thank you.

Best regards.

Massimiliano.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 2.5 (2 ratings)
Loading.
AxiomConsulting Fri, 04/17/2009 - 05:31
User Badges:

What RADIUS are you using?


You can edit the Profile, if using MS IAS and edit the option 'Allow access only on these days and at these times'


HTH


Steve

massimiliano.se... Mon, 04/20/2009 - 00:45
User Badges:
  • Silver, 250 points or more

Hi,

I'm using FreeRADIUS...


Thank you.

Best regards.

Massimiliano.

massimiliano.se... Mon, 04/20/2009 - 04:02
User Badges:
  • Silver, 250 points or more

Hi,

I've resolved.

In FreeRADIUS the attribute is "Login-Time"...

For examople in order to permit the login to one user only on interval range 8:00-24:00 on all days of the week we use Login-Time:='Al800-2400'


Best regards.

Massimiliano.

John Blakley Fri, 04/17/2009 - 05:34
User Badges:
  • Purple, 4500 points or more

In theory, you should be able to create an access list that's time based and then apply it to your line.


router(config)# time-range TEST

router(config-time-range)# periodic weekdays 08:00 to 17:00


router(config-time-range)# ip access-list ext ALLOWEDTELNET

router(config-ext-nacl)# permit tcp any any eq 23 time-range TEST


router(config-ext-nacl)# line vty 0 4

router(config-line)# access-class ALLOWEDTELNET


I've never tried this, but it should work.


HTH,

John

Actions

This Discussion