Define a Time Range for a Policy
Time-based ASA Network policies allow access to networks and resources based on time of day. The time of day is defined by a time range object. Time range objects have a start time and an end time and can also be defined as a recurring event.
If time range objects are already defined on the ASA, you can associate them with a network policy. If time range objects do not already exist on the ASA, you will have to create them using the CLI tool in Defense Orchestrator or create them directly on the ASA.
Follow this procedure to add a time range for a network policy:
Procedure
Step 1 | Select . |
Step 2 | Select the network policy you want to edit. |
Step 3 | Click Edit Policy. |
Step 4 | In the Network Policy box, click the slider to enable time ranges. |
Step 5 | Create a time range object or Choose an existing time range object from the drop-down list. |
Step 6 | Click Save. |
Step 7 | Return to the Inventory page and select the device for which you just made the policy edit. You should see that the device is Not Synced. |
Step 8 | Click Preview and deploy... |
Step 9 | In the Device Sync box, review the commands that will create the policy and the rules in the policy. |
Step 10 | If you are satisfied with the proposed changes, click Apply Changes to Device. |
Step 11 | Review and deploy the changes you made now, or wait and deploy multiple changes at once. |