06-11-2009 01:43 AM - edited 03-06-2019 06:12 AM
Hi,
I know that this is a funny question to ask. But did anyone come across such technology, Cisco has timed based ACL, but do they have time based vlan membership for switch?
Thanks.
Solved! Go to Solution.
06-12-2009 02:43 AM
This can easily be achieved through EEM. USing time based event mode, we can simply specify which vlan(s) to create at which time and which ports to assign to them.
06-12-2009 05:13 AM
AFAIK this is not supported.
however there are as always workarounds.
What you can do is per port vlan and trap the link up, and through a script set the vlan of that swichport if you want a vlan to be X minutes from linkup.
If you want the Vlans to be at a certain time ie from 08:00 AM to 05:30 PM it should belong to vlan 2 and between 05:31 PM to 07:59 AM the next day you could use the kron and a small tcl script to set the ports at that time.
good luck hth
06-11-2009 02:22 AM
nope
06-11-2009 03:03 PM
There's time-based ACL so you create an ACL to allow/deny traffic based on time.
And also, depending on your IOS, you can use EnergyWise as well.
06-11-2009 03:33 PM
I suppose you could set up the ACS for time-based VLANs...you can specify a "time bound alternate group" for individual authenticated users...which could then pass back the RADIUS assigned VLAN attribute and assign it differently.
that said, you could tie this to 802.1x authentication to make something similar to what you describe, i think...though i have not tried it myself.
06-12-2009 02:43 AM
This can easily be achieved through EEM. USing time based event mode, we can simply specify which vlan(s) to create at which time and which ports to assign to them.
06-12-2009 05:13 AM
AFAIK this is not supported.
however there are as always workarounds.
What you can do is per port vlan and trap the link up, and through a script set the vlan of that swichport if you want a vlan to be X minutes from linkup.
If you want the Vlans to be at a certain time ie from 08:00 AM to 05:30 PM it should belong to vlan 2 and between 05:31 PM to 07:59 AM the next day you could use the kron and a small tcl script to set the ports at that time.
good luck hth
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: