now i m using inside ( 10.0.0.0) and outside (18.104.22.168)interfaces. my access list is
access-list 1 permit ip host 22.214.171.124 host 10.0.0.1 time-range abc
access-group 1 in interface outside
now at outside interface i have a pc attached with ip 126.96.36.199, i issued a ping command ping 10.0.0.1 -t and my ping was going successful but when my time expires so ping should also be stopped automatically right ?? but it didnt !! wats the problem is it a bug in ios or i m doing something wrong becoz as far as i know time based acls deny access after defined time but it was not happening in my case plz tell me how to use time acls
Hi .. access list checks traffic flow .. meaning that if a connections has been succesfully established .. then the rest of the packets belonging to the already established session will also be allowed. even if you modify the access list to deny a previously allowed connection, will not take effect until that connection has finished or it has been forced to re-established.
In your situation the time range will take effect for NEW attempts after the time range abc has expired.
technically speaking it should be OK for you since PING is a special case traffic. I don't think that you are after stopping PING using a time ACL. If you want to stop HTTP or SMTP for istance, your ACL will be OK and the last connections to be allowed are the ones that are already opened; any new connection will be denied.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...