Time-range access-list

acutx5678 · ‎02-28-2014

For the last few days I've been trying to figure something out, I've added the below config to 3 switches. Now, it works like I want it to on 1 switch, but doesn't seem to on the others. 2 of the switches are 3560s, and it works on one of these the last one is a 2960.

ip access-list extended block

deny ip any any time-range block

permit ip any any

time-range block

periodic daily 20:00 to 8:00

cadet alain · ‎02-28-2014

Hi,

What do you mean by it is not working as expected ? on which type of interfaces is this ACL applied ?

Is the time-range active on the 2960 between 20 to 8 ?

Regards

Alain

Don't forget to rate helpful posts.

Jeff Van Houten · ‎03-01-2014

Do all the switches have their clock set correctly?

Sent from Cisco Technical Support iPad App

Leo Laohoo · ‎03-01-2014

periodic daily 20:00 to 8:00

This bit is incorrect. I am surprised to see you were able to enter this line without an error.

You need to enter two lines:

periodic daily 20:00 to 23:59
periodic daily 0:00 to 08:00

Sent from Cisco Technical Support Wii App

acutx5678 · ‎03-03-2014

Really? It seems to e working fine. Does it differ from one switch model to another?

acutx5678 · ‎03-03-2014

So a debug showed the interfaces were staying down. It started to work once the interfaces were brought back up.

Thanks everone who responded.