09-24-2009 10:15 AM - edited 03-04-2019 06:09 AM
Hi,
Please can some one help me with this?
I configured a time based access control list for our internet router to allow certain users access at different time and it is working ok. But my problem is that our network for now is not an always on network so each morning when we had to start the day, i have to manually set the clock time and date of the internet router to the current time so that the ACL can work properly.
Is there any way the time setting can be automated so that once started for the day, the time and date will synchronise with the current server time and date.
Thanks for your help.
Tom
Solved! Go to Solution.
09-24-2009 02:43 PM
How to configure an authoritative time server in Windows Server
09-24-2009 10:23 AM
Tom,
Depending on the version of IOS, you should just be able to do:
ntp server
or if the above doesn't work, use:
sntp server
You'll need to sync to a time server like time.nst.gov 192.43.244.18, or you'll need to configure your server as a stratum time server on Windows (not sure how to do that, but there's documentation on it.)
HTH,
John
09-24-2009 10:51 AM
Hi Tom,
You can use kron for this, relatively simply (unless you wish to use the previous solution of setting an ntp server on both router and host).
Here's a link to 12.3's documentation for kron/command scheduler:
http://www.cisco.com/en/US/docs/ios/12_3/feature/guide/g_kron.html
Basic example:
- enable
- config terminal
- kron policy-list mycronjob
- cli clock set hh:mm:ss
- exit
- enable
- conf t
- kron occurrence occurrence-name [user user] {in [[numdays:]numhours:]nummin | at hours:min [[month] day-of-month] [day-of-week]} {oneshot | recurring} (example: kron occurrence dothisdaily at 00:05 recurring)
- policy-list mycronjob
- exit
This will configure the kron to manually set the clock to a certain time. This is valid if you use a software clock and no ntp/etc. If your router uses NTP or has a hardware clock, then perhaps you can just use kron to enable/disable access lists or other methods of enabling/disabling access for users.
Verify it is setup right by doing:
show kron schedule
Hope that helps. Rate if you find this useful!
Cheers,
Tim
09-24-2009 06:00 PM
kron is not needed for NTP.
Once ntp is configured, it continuously synchronize the clock of the router and there is no more need to set it manually.
I recommend that you use NTP and synchronize your router.
Then you're router will always be synced and your time ACL wont be an issue anymore.
09-24-2009 11:25 AM
You might check if your router has an onboard calendar clock (e.g. show clock). If it does, set it, and router will have correct time when it restarts. Also, if possible, use something like NTP to insure this clock always has correct time.
09-24-2009 02:43 PM
How to configure an authoritative time server in Windows Server
09-24-2009 11:26 PM
Hi,
Thanks so much.
I accessed the link you refered me to, on how to configure authoritative time server. It's very imformative and helpful.
How can I get my routers to sync with the time server when configured.
Thanks.
Tom
09-28-2009 02:41 PM
Hi Tom,
Thanks for the rating.
As with John's post, this depends on your router. If your router supports only SNTP, then the most simplest command is sntp server
Hope this helps.
10-06-2009 08:42 AM
Hi Tom
This is a much easier path. Check out this sites http://www.meinberg.de/english/sw/ntp.htm and http://www.meinberg.de/english/sw/time-server-monitor.htm
You can install it on a XP machine. I just tried it with my router at home and it worked great.
Have fun :-)
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: