(1 votes, average: 5.00 out of 5)
Loading ...
Print This PostCreate an access-list that matches a client workstation subnet, but only during the day.
Router(config)# time-range DAY (creates a new time range)
Router(config-time-range)# periodic weekdays 6:00 to 22:00 (matches weekdays from 6:00am to 10:00pm)
Router(config-time-range)# periodic weekend 6:00 to 22:00 (matches weekends from 6:00am to 10:00pm)
Router(config-time-range)# exit
Router(config)# ip access-list extended CLIENTS
Router(config-ext-nacl)# permit ip 192.168.100.0 0.0.0.255 any time-range DAY
Router(config-ext-nacl)# exit
Router(config)#
Create a class-map (used for QoS) that matches the CLIENTS access-list we just created.
Router(config)# class-map MATCH_CLIENTS (MATCH_SERVER is just the name)
Router(config-class-map)# match access-group name CLIENTS (ties in the access-list above)
Router(config-class-map)# exit
Router(config)#
Create a policy-map (used for QoS) that throttles the bandwidth.
Router(config)# policy-map LIMIT_CLIENTS (creates the policy)
Router(config-pmap)# class MATCH_CLIENTS (applies policy to this class)
Router(config-pmap-c)# police 80000 (limits bandwidth to 80Kbps)
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)#
Apply the new policy to the incoming interface, which is the internal network.
Router(config)# interface fa0/0
Router(config-if)# service-policy input LIMIT_CLIENTS
Author Info:
Scott's profession is a Senior Network Engineer at a Healthcare related company in Nashville, TN. When he is not trying to secure a network or come up with a design for a new project, he enjoys spending time with his family. You can find out more at: http://www.scottp.net
