Re: Time based ACL on PIX? [7:37198]
I agree. You can't do it directly with a time-based list, because Pix doesn't support that (yet). You can use AAA as a workaround. ""Keyur Shah"" wrote in message news:[EMAIL PROTECTED].; > You can use AAA time-of-day access feature with PIX to accomplish this. > > -Keyur Shah- > CCIE# 4799 (Security; Routing and Switching) > css1,scsa,scna,mct,mcse,cni,mcne > Hello Computers > "Say Hello to Your Future!" > http://www.hellocomputers.com > Toll-Free: 1.877.794.3556 > Fremont: 510.795.6815 > Santa Clara: 408.496.0801 > Europe: +(44)20 7900 3011 > Fax: 510.291.2250 > > > -Original Message- > From: matt [mailto:[EMAIL PROTECTED]] > Sent: Monday, March 04, 2002 9:40 PM > To: [EMAIL PROTECTED] > Subject: Time based ACL on PIX? [7:37198] > > > Hi all- > > I sent this out earlier but it didn't seem to post?? > Anyway...I was wondering if it is possible to have > services behind a PIX restricted to time?? Kinda like > how you can with a Checkpoint. Initially I was > thinking this was not possible as I have conduit based configurations on all > the PIX's I maintainand am unaware of any such option on a conduit. But > then I saw the time-range option for an extended ACL. So, my > question: > > Can this be used on a PIX to limit access to a service > to say 1 ipand only between certain hours? Has > anyone does this...or is it even possible? > > I hope this makes sense. > > thanks, > > matt > > __ > Do You Yahoo!? > Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37338&t=37198 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: Time based ACL on PIX? [7:37198]
You can use AAA time-of-day access feature with PIX to accomplish this. -Keyur Shah- CCIE# 4799 (Security; Routing and Switching) css1,scsa,scna,mct,mcse,cni,mcne Hello Computers "Say Hello to Your Future!" http://www.hellocomputers.com Toll-Free: 1.877.794.3556 Fremont: 510.795.6815 Santa Clara: 408.496.0801 Europe: +(44)20 7900 3011 Fax: 510.291.2250 -Original Message- From: matt [mailto:[EMAIL PROTECTED]] Sent: Monday, March 04, 2002 9:40 PM To: [EMAIL PROTECTED] Subject: Time based ACL on PIX? [7:37198] Hi all- I sent this out earlier but it didn't seem to post?? Anyway...I was wondering if it is possible to have services behind a PIX restricted to time?? Kinda like how you can with a Checkpoint. Initially I was thinking this was not possible as I have conduit based configurations on all the PIX's I maintainand am unaware of any such option on a conduit. But then I saw the time-range option for an extended ACL. So, my question: Can this be used on a PIX to limit access to a service to say 1 ipand only between certain hours? Has anyone does this...or is it even possible? I hope this makes sense. thanks, matt __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37244&t=37198 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Time based ACL on PIX? [7:37198]
Hi all- I sent this out earlier but it didn't seem to post?? Anyway...I was wondering if it is possible to have services behind a PIX restricted to time?? Kinda like how you can with a Checkpoint. Initially I was thinking this was not possible as I have conduit based configurations on all the PIX's I maintainand am unaware of any such option on a conduit. But then I saw the time-range option for an extended ACL. So, my question: Can this be used on a PIX to limit access to a service to say 1 ipand only between certain hours? Has anyone does this...or is it even possible? I hope this makes sense. thanks, matt __ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=37198&t=37198 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]