04-17-2009 03:29 AM - edited 03-09-2019 10:13 PM
Hi,
Is there a way in order to enforce the authentication (telnet, shh) on switches and/or routers local or via RADIUS only on business hours?
Thank you.
Best regards.
Massimiliano.
04-17-2009 05:31 AM
What RADIUS are you using?
You can edit the Profile, if using MS IAS and edit the option 'Allow access only on these days and at these times'
HTH
Steve
04-20-2009 12:45 AM
Hi,
I'm using FreeRADIUS...
Thank you.
Best regards.
Massimiliano.
04-20-2009 04:02 AM
Hi,
I've resolved.
In FreeRADIUS the attribute is "Login-Time"...
For examople in order to permit the login to one user only on interval range 8:00-24:00 on all days of the week we use Login-Time:='Al800-2400'
Best regards.
Massimiliano.
04-17-2009 05:34 AM
In theory, you should be able to create an access list that's time based and then apply it to your line.
router(config)# time-range TEST
router(config-time-range)# periodic weekdays 08:00 to 17:00
router(config-time-range)# ip access-list ext ALLOWEDTELNET
router(config-ext-nacl)# permit tcp any any eq 23 time-range TEST
router(config-ext-nacl)# line vty 0 4
router(config-line)# access-class ALLOWEDTELNET
I've never tried this, but it should work.
HTH,
John
04-17-2009 05:37 AM
John,
A very useful post!
Thanks
Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide