Cisco Security Appliance System Clock
The second method of configuring the time setting on the Security Appliance is by using the
system clock. The system clock is usually set when you answer the initial setup interview
question when you are configuring a new Cisco Security Appliance. You can change it later
using the clock set command:
clock set hh:mm:ss month day year
Three characters are used for the month parameter. The year is a four-digit number. For
example, to set the time and date to 17:51 and 20 seconds on April 9, 2003, you would enter
the following:
clock set 17:51:20 apr 9 2003
Cisco PIX Firewall version 6.2 included improvements to the clock command. The clock
command now supports daylight saving (summer) time and time zones. To configure daylight
saving time, enter the following command:
clock summer-time zone recurring [week weekday month hh:mm week weekday
month hh:mm [offset]]
Table 6-14 describes the parameters for the clock command.
Table 6-14 clock Command Parameters
Command Parameter Description
summer-time Automatically switches to summer time (for display purposes only).
zone Specifies the name of the time zone.
recurring Indicates that summer time should start and end on the days
specified by the values that follow this keyword. The summer time
rule defaults to the United States rule.
Configuring Login Banners on the Cisco Security Appliance 163
Time zones are set only for display. Setting a time zone does not change the internal Security
Appliance time, which is kept according to Coordinated Universal Time (UTC). To set the
time zone, use the clock timezone command. The syntax for the command is as follows:
clock timezone zone hours [minutes]
The following clock summer-time command specifies that summer time starts on the first
Sunday in April at 2 A.M. and ends on the last Sunday in October at 2 A.M.:
pix(config)# clock summer-time PDT recurring 1 Sunday April 2:00 last Sunday
October 2:00
You can check your clock configuration by simply entering the show clock command as
shown in Example 6-9.
Configuring Login Banners on the Cisco Security Appliance
PIX Firewall version 6.3 introduced support for message-of-the-day (MOTD), EXEC, and
login banners, similar to the feature included in Cisco IOS Software. Banner size is limited
only by available system memory or Flash memory.
Command Parameter Description
week Specifies the week of the month. The week is 1 through 4.
week day Sets the day of the week (Sunday, Monday).
month Specifies the full name of the month, such as April.
hh:mm Specifies the time in 24-hour clock format.
offset Specifies the number of minutes to add during summer. The default
is 60 minutes.
Example 6-9 show clock Sample Output
PIXFW# show clock
10:04:06.334 PDI Thu Feb 13 2004
NOTE In 2007, the United States will be extending Daylight Savings Time (DST) by a
month. Starting in 2007, DST will start on the second Sunday in March and will end on
the first Sunday in November. The following clock command will set the Security
Appliance to the new DST setting (to be precise, summer begins on June 21, or
thereabouts):
pix(config)# clock summer-time PDT recurring 2 Sunday March 2:00 1 Sunday
November 2:00