Managing Sessions
  • 07 Aug 2024
  • 3 Minutes to read
  • Contributors
  • PDF

Managing Sessions

  • PDF

Article summary

The unit’s management system provides multiple configurable management sessions to allow multiple users to control the unit.

To view current sessions, access the page System ▶Session ▶Management.

System ▶Session ▶Management

image.png

For more information on specific values, refer to the following table.

Current Sessions (System ▶Session ▶Management)

ParameterDescription
Session IDSession identification number.
TypeInterface the session is using.
HostIP address of the management station for that session.
UsernameThe user account that is currently logged in. An asterisk ( * ) appears beside your own session.
UptimeHow long the session has been active.
TerminateSelecting one or more sessions then clicking Terminate forces a log out.

Terminating a User Session

It may be sometimes necessary to terminate one or more sessions.


Note: You need the right privileges to terminate a session. Refer to "Managing Users and Privileges".

To terminate a session

  1. Access the page System ▶Session ▶Management.

  2. Select the session you want to terminate by checking the Terminate check box.

  3. Click the Terminate button.

The session is immediately terminated and the selected user is logged out.

Configuring Session Options

Use this page to configure the following session-related parameters:

  • The maximum number of CLI sessions allowed

  • The maximum number of web interface sessions allowed

  • The maximum number of total sessions (CLI and web combined)

  • The maximum number of concurrent NETCONF sessions that can be supported

  • The maximum number of seconds that a NETCONF session can remain idle before it is automatically logged out

  • The CLI timeout value

  • The file transfer timeout value, to ensure firmware updates and configuration maintenance entities have sufficient time to load successfully

  • The Management Web Interface timeout value

  • Whether or not a telnet server is enabled

  • The authentication order when users log in to the system

To configure session parameters

  1. Access the page System ▶Session ▶Configuration.

  2. Update the various session configuration parameters, then click Apply.

System ▶Session ▶Configuration

image.png

For more information on specific parameters, refer to the following tables.

Session Configuration (System ▶Session ▶Configuration)
General

ParameterDescription
Max CLI SessionsThe maximum number of concurrent CLI sessions that can be supported.
Max WEB SessionsThe maximum number of concurrent Management Web Interface sessions that can be supported.
Max NETCONF SessionsThe maximum number of concurrent NETCONF sessions that can be supported.

Note: Currently, the maximum number of concurrent NETCONF sessions is one.

Max Total SessionsThe total number of CLI and Management Web Interface sessions
that can be supported.
CLI TimeoutThe maximum number of seconds that a CLI session can remain idle before it is automatically logged out.
File Transfer TimeoutThe maximum number of seconds that must elapse before a file transfer (firmware upgrade, etc.) is automatically terminated.

Minimum value is 900 (15 minutes); maximum value is 3600 (60 minutes). Default value is 1800 (30 minutes).

WEB TimeoutThe maximum number of seconds that a Management Web Interface session can remain idle before it is automatically logged out.
NETCONF TimeoutThe maximum number of seconds that a NETCONF session can remain idle before it is automatically logged out.
Telnet ServerThe telnet server on the unit may be enabled or disabled.

Authentication

ParameterDescription
OrderThe authentication method to use in order of availability. Possible values are:
  • Local: Validate locally only
  • RADIUS: Validate on the RADIUS server only
  • Local-RADIUS: Validate locally first; if the validation does not succeed, then validate on the RADIUS server
  • RADIUS-Local: Validate on the RADIUS server first, and if the validation does not succeed, then validate on local server
  • Strict RADIUS-Local: Validate on the RADIUS server first. If the authentication fails, access is denied. The fall back to local only occurs when the RADIUS authentication times out.
  • TACACS+: Validate on the TACACS+ server only
  • Local-TACACS+: Validate locally first; if the validation does not succeed, then validate on the TACACS+ server
  • TACACS+-Local: Validate on the TACACS+ server first, and if the validation does not succeed, then validate on the local server
  • Strict TACACS+-Local: Validate on the TACACS+ server(s) first. If the authentication fails, access is denied. The fall back to local only occurs when the TACACS+ authentication process times out.

Notes:

If you plan on using a remote server for authentication, you should confirm that the remote system is functional before removing the local authentication. If you remove local authentication and the remote system is not working, you will lose access to the unit.

To ensure that authentication is working on the remote server, log in then out from the unit, then access the System ▶Agent ▶Syslog page. You should see a syslog message indicating a successful login attempt.

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.