Sorry i am not aware of any other options ... if not other suggestions / replies then i would say to contact the support which are helpful as well

Hi trevdance. You don't say what Draytek model you have, but these instructions work on a 2850n...

Basically, you set up a couple of objects specifying your IP ranges (and one group to cover them both) and a couple of schedules to specify the time restrictions. Then you create a firewall ruleset which applies the scheduled restrictions to the IP address objects.

1. IP Objects and Groups

First, set up two IP Objects (via Objects Setting -> IP Group) to represent your two IP ranges, thus:

Name: 192.168.1.4x
Interface: LAN/RT/VPN
Address type: Range address
Start IP Address: 192.168.1.40
End IP Address: 192.168.1.49

Name: 192.168.1.5x
Interface: LAN/RT/VPN
Address type: Range address
Start IP Address: 192.168.1.50
End IP Address: 192.168.1.59

... and then add an IP Group (via Objects Setting -> IP Group) containing both of the ranges, thus:

Name: Restricted IPs
Interface: LAN
Selected IP Objects:
192.168.1.4x
192.168.1.5x

2. Create Schedules

Now create the schedules under Applications -> Schedule. While you only really want two schedules, I find there are issues with schedules that straddle midnight. As a result, I'd suggest creating three schedules, as follows:

Index 1 (Used to restrict 192.168.1.4x access in evening)
Enable: Yes
Start Date: 2000.01.01
Start Time: 21:30
Duration: 02:30
Action: Force On
How Often: Weekdays - Sun, Mon, Tue, Wed, Thu, Fri, Sat

Index 2 (Used to restrict 192.168.1.5x access in evening)
Enable: Yes
Start Date: 2000.01.01
Start Time: 22:30
Duration: 01:30
Action: Force On
How Often: Weekdays - Sun, Mon, Tue, Wed, Thu, Fri, Sat

Index 3 (Used to restrict access at night)
Enable: Yes
Start Date: 2000.01.01
Start Time: 00:00
Duration: 08:00
Action: Force On
How Often: Weekdays - Sun, Mon, Tue, Wed, Thu, Fri, Sat

You'll use schedules 1 and 2 to restrict IP range 192.168.1.4x, and schedules 1 and 3 to restrict ip range 192.168.1.5x.

Part 2 to follow...

Part 2...

3. Create Firewall Ruleset

Now, you'll create a set of rules to apply the restrictions. The first rule will allow the IP ranges to access the Internet, and rules 2 and 3 will block access at night/evening for each of the two ranges. I'll assume here the rules will be added as firewall ruleset 3: if you already have a ruleset 3 defined, use ruleset 4 (and adjust the values as needed).

First, go to Firewall -> Filter Setup -> Set 2, and link this to set 3 (set the "Next Filter set" drop-down list to "Set#3"). This will ensure your ruleset is properly applied. Now go to Firewall -> Filter Setup -> Set 3 and add the following 3 rules:

Set 3
Comments: Nighttime Restrictions

Rule 1 active: Yes
Enabled: Yes
Comments: Allow Internet
Schedule indexes: none
Clear sessions when schedule ON: Yes
Direction: LAN/RT/VPN -> WAN
Source IP: Restricted IPs (as IP group)
Destination IP: Any
Service Type: Any
Fragments: Don't care
Filter: Pass if no further match
Quality of Service: None
Load-Balance policy: Auto-select
User Management: None
APP Enforcement: None
URL Content Filter: None
Web Content Filter: None

Rule 2 active: Yes
Enabled: Yes
Comments: Block Grp 1
Schedule indexes: 1, 3
Clear sessions when schedule ON: Yes
Direction: LAN/RT/VPN -> WAN
Source IP: 191.168.1.4x (as IP object)
Destination IP: Any
Service Type: Any
Fragments: Don't care
Filter: Block immediately

Rule 3 active: Yes
Enabled: Yes
Comments: Block Grp 2
Schedule indexes: 2, 3
Clear sessions when schedule ON: Yes
Direction: LAN/RT/VPN -> WAN
Source IP: 191.168.1.5x (as IP object)
Destination IP: Any
Service Type: Any
Fragments: Don't care
Filter: Block immediately

The first rule allows (Internet) access to both ranges unless there are subsequent rules that block their access.
The second rule blocks Internet access to IP range 192.168.14.x at the scheduled times.
The third rule blocks Internet access to IP range 192.168.15.x at the scheduled times.

Enjoy.

Thank you cocospm.

It worked a treat as changed the times to test all the ip addresses. Everything is as it should be.

Thanks again for all the time and effort in writing a very clear step by step guide.