Time determined access to certain ports?

[nTT911]

Is there any way to configure the PIX 501 Firewall to grant access to a certain port only at a specific time of day?

The scenario is like this:
I only want gaming available after working hours. 08.00-16.00 ports are denied, 16.00-08.00 ports are open for gaming. Is this possible with my Firewall (Cisco PIX 501)? If not does anybody have an idea on how to make this happend?

I use Windows Server 2003 with clients running win xp through a domain.

 

[LloydSev]

The only way I know of, would require someone to do it manually.. which isn't all to tough, but still.. i don't know of any automated way.

Computer/Network Technician
CCNA

 

[ChrisAC]

This feature does not exist on the Pix but it does on Firewall-1. The only way that I can think that you would be able to do it would be to have a script on a *nix box running as a cron job that could ssh in and change the applied access list to an interface.

Possibly far too much messing about to be worth it.

Chris.

**********************
Chris A.C, CCNA, CCSA
**********************

 

[dopehead]

It does exist in the pix, but only in 7.0 which does not work on the pix 501 yet. also a cisco router has time based acl's


Network Systems Engineer
CCNA/CQS/CCSP/Infosec

 

[br0ck]

you might be able to use Kiwi CATTools to swap the config's on a schedule

http://www.kiwisyslog.com/products.htm#cattools

 

[NetworkGhost]

Off subject but how much different is 7.0 ? Is there any improvement on routing between multi VPNs? As in:

Client --vpn-->Pix<---vpn-->Pix--->Internal Host

I know the pix isnt a router but it would sure be nice to have this capability.

 

[dopehead]

Well, the docs say support for spoke to spoke communications, but i have not had a chance to test it yet.


Network Systems Engineer
CCNA/CQS/CCSP/Infosec

 

[nTT911]

Thnx for all the replies! I will try the cattools when i get the time and report back if its successfull! Thx again!