Login only on business hours

massimiliano.serafino · ‎04-17-2009

Hi,

Is there a way in order to enforce the authentication (telnet, shh) on switches and/or routers local or via RADIUS only on business hours?

Thank you.

Best regards.

Massimiliano.

AxiomConsulting · ‎04-17-2009

What RADIUS are you using?

You can edit the Profile, if using MS IAS and edit the option 'Allow access only on these days and at these times'

HTH

Steve

massimiliano.serafino · ‎04-20-2009

Hi,

I'm using FreeRADIUS...

Thank you.

Best regards.

Massimiliano.

massimiliano.serafino · ‎04-20-2009

Hi,

I've resolved.

In FreeRADIUS the attribute is "Login-Time"...

For examople in order to permit the login to one user only on interval range 8:00-24:00 on all days of the week we use Login-Time:='Al800-2400'

Best regards.

Massimiliano.

John Blakley · ‎04-17-2009

In theory, you should be able to create an access list that's time based and then apply it to your line.

router(config)# time-range TEST

router(config-time-range)# periodic weekdays 08:00 to 17:00

router(config-time-range)# ip access-list ext ALLOWEDTELNET

router(config-ext-nacl)# permit tcp any any eq 23 time-range TEST

router(config-ext-nacl)# line vty 0 4

router(config-line)# access-class ALLOWEDTELNET

I've never tried this, but it should work.

HTH,

John

HTH, John *** Please rate all useful posts ***

AxiomConsulting · ‎04-17-2009

John,

A very useful post!

Thanks

Steve