Managing User Sessions
  • 25 Sep 2024
  • 3 Minutes to read
  • Contributors
  • PDF

Managing User Sessions

  • PDF

Article summary

The Cisco Provider Connectivity Assurance Sensor Control's management system provides multiple configurable management sessions to allow multiple users to control the Sensor Control.

To view current sessions, access the page System ▶ Session ▶ Management.

For more information on specific values, refer to the following table.

Current Sessions (System ▶ Session ▶ Management)

ParameterDescription
Session IDSession identification number
TypeInterface the session is using (Web or CLI)
HostIP address of the management station for that session
UsernameThe user account that is currently logged in. An asterisk (*) appears beside your own session.
UptimeHow long the session has been active
TerminateSelecting one or more sessions then clicking Terminate forces a log out.

Terminating a User Session

It may be sometimes necessary to terminate one or more sessions.


Note: You need the right privileges to terminate a session. Refer to "Managing Users and Privileges".

To terminate a session

  1. Access the page System ▶ Session ▶ Management.

  2. Select the session(s) you want to terminate by checking the Terminate check box.

  3. Click the Terminate button.
    Selected sessions are immediately terminated and selected users are logged out.

Configuring Session Options

Use this page to configure the following session-related parameters:

  • Maximum number of CLI sessions allowed
  • Maximum number of Management Web Interface sessions allowed
  • Maximum number of total sessions (CLI and web combined)
  • CLI timeout value
  • File transfer timeout value, to ensure firmware updates and configuration maintenance entities have sufficient time to load successfully
  • Management Web Interface timeout value
  • Enable or disable the telnet server
  • Authentication order when users log in to the system

To configure session parameters

  1. Access the page System ▶ Session ▶ Configuration.

  2. Update the various session configuration parameters, then click Apply.

System ▶ Session ▶ Configuration

image.png

For more information on specific parameters, refer to the following table.

Session Configuration (System ▶ Session ▶ Configuration)
General

ParameterDescription
Max CLI sessionsThe maximum number of concurrent CLI sessions that can be supported
Max WEB sessionsThe maximum number of concurrent Management Web Interface sessions that can be supported
Max Total sessionsThe total number of CLI and Management Web Interface sessions that can be supported
CLI timeoutThe maximum number of seconds that a CLI session can remain idle before it is automatically logged out
File transfer timeoutThe maximum number of seconds that must elapse before a file transfer (firmware upgrade, history data file transfers, configuration files, etc.) is automatically terminated.

Minimum value is 900 (15 minutes); maximum value is 3600 (60 minutes). Default value is 1800 (30 minutes).

WEB timeoutThe maximum number of seconds that a Management Web Interface session can remain idle before it is automatically logged out
Telnet serverThe telnet server on the Sensor Control may be enabled or disabled

Authentication

ParameterDescription
OrderThe authentication method to use, in order of availability. Possible values are:
  • Local: Validate locally only
  • RADIUS: Validate on the RADIUS server only
  • Local-RADIUS: Validate locally first; if the validation does not succeed, then validate on the RADIUS server
  • RADIUS-Local: Validate on the RADIUS server first, and if the validation does not succeed, then validate on local server
  • Strict RADIUS-Local: Validate on the RADIUS server first. If the authentication fails, access is denied. The fall back to local only occurs when the RADIUS authentication times out.
  • TACACS+: Validate on the TACACS+ server only
  • Local-TACACS+: Validate locally first; if the validation does not succeed, then validate on the TACACS+ server
  • TACACS+-Local: Validate on the TACACS+ server first, and if the validation does not succeed, then validate on the local server
  • Strict TACACS+-Local: Validate on the TACACS+ server(s) first. If the authentication fails, access is denied. The fall back to local only occurs when the TACACS+ authentication process times out.

Notes: If you plan on using a remote server for authentication, you should confirm that the remote system is functional before removing the local authentication. If you remove local authentication and the remote system is not working, you will lose access to the unit.

To ensure that authentication is working on the remote server, log in then out from the unit, then access the System ▶ Agent ▶ Syslog page. You should see a syslog message indicating a successful login attempt.

© 2024 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks



Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.