×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Time-based ACLs

Unanswered Question
Sep 5th, 2002
User Badges:

Dear Sir!


I've some questions about:


Q1: If I use a few 'periodic' entries AND one 'absolute' entry in my time-based ACL in time-range section, then time-based ACL don't work. But when I use

a few 'periodic' entries OR one 'absolute' entry (i.e. separately), then it works.

Why?


Q2: I use external NTP-server to synchronize router.

Then I define 'clock timezone' and 'clock summer-time'. Why ACLs log messages use hardware-timer, but not software clock? - in IOS docs 'clock update-calendar' used for sync hard-timer from soft-timer

But there are no such command

in my IOS image (c2600-jk8o3s-mz.122-6.bin). Why?


I tell about it, because time-based ACL use soft-time, but ACL messages log use hard-time, and because I've 'clock timezone', there are difference between

soft and hard- timer values


Best regards,

Nick

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bkganesh Thu, 09/05/2002 - 10:17
User Badges:
  • Cisco Employee,

Answer to your first question:


If you have a few periodic entries and one absolute entry in a time-range, the periodic entries will be valid within the time-bounds defined by the single absolute entry. Eg., if you have two periodic entries, 1. mon-wed 2. thu-fri and one absolute entry - 1st Jan 2002 to 1st Oct 2002, periodic entries mon-wed & thu-fri will be active only within 1st jan 2002 to 1st oct 2002.


Hope this helps.


-Ganesh.

Actions

This Discussion