Managing User Sessions

  • Updated on Sep 25, 2024
  • Published on Jan 7, 2022
  • 3 minute(s) read
  • AC
 Prev Next

The Cisco Provider Connectivity Assurance Sensor Control's management system provides multiple configurable management sessions to allow multiple users to control the Sensor Control.

To view current sessions, access the page System â–¶ Session â–¶ Management.

For more information on specific values, refer to the following table.

Current Sessions (System â–¶ Session â–¶ Management)

Parameter Description
Session ID Session identification number
Type Interface the session is using (Web or CLI)
Host IP address of the management station for that session
Username The user account that is currently logged in. An asterisk (*) appears beside your own session.
Uptime How long the session has been active
Terminate Selecting one or more sessions then clicking Terminate forces a log out.

Terminating a User Session

It may be sometimes necessary to terminate one or more sessions.

Note: You need the right privileges to terminate a session. Refer to "Managing Users and Privileges".

To terminate a session

  1. Access the page System â–¶ Session â–¶ Management.

  2. Select the session(s) you want to terminate by checking the Terminate check box.

  3. Click the Terminate button.
    Selected sessions are immediately terminated and selected users are logged out.

Configuring Session Options

Use this page to configure the following session-related parameters:

  • Maximum number of CLI sessions allowed
  • Maximum number of Management Web Interface sessions allowed
  • Maximum number of total sessions (CLI and web combined)
  • CLI timeout value
  • File transfer timeout value, to ensure firmware updates and configuration maintenance entities have sufficient time to load successfully
  • Management Web Interface timeout value
  • Enable or disable the telnet server
  • Authentication order when users log in to the system

To configure session parameters

  1. Access the page System â–¶ Session â–¶ Configuration.

  2. Update the various session configuration parameters, then click Apply.

System â–¶ Session â–¶ Configuration

image.png

For more information on specific parameters, refer to the following table.

Session Configuration (System â–¶ Session â–¶ Configuration)
General

Parameter Description
Max CLI sessions The maximum number of concurrent CLI sessions that can be supported
Max WEB sessions The maximum number of concurrent Management Web Interface sessions that can be supported
Max Total sessions The total number of CLI and Management Web Interface sessions that can be supported
CLI timeout The maximum number of seconds that a CLI session can remain idle before it is automatically logged out
File transfer timeout The maximum number of seconds that must elapse before a file transfer (firmware upgrade, history data file transfers, configuration files, etc.) is automatically terminated.

Minimum value is 900 (15 minutes); maximum value is 3600 (60 minutes). Default value is 1800 (30 minutes).
WEB timeout The maximum number of seconds that a Management Web Interface session can remain idle before it is automatically logged out
Telnet server The telnet server on the Sensor Control may be enabled or disabled

Authentication

Parameter Description
Order The authentication method to use, in order of availability. Possible values are:
  • Local: Validate locally only
  • RADIUS: Validate on the RADIUS server only
  • Local-RADIUS: Validate locally first; if the validation does not succeed, then validate on the RADIUS server
  • RADIUS-Local: Validate on the RADIUS server first, and if the validation does not succeed, then validate on local server
  • Strict RADIUS-Local: Validate on the RADIUS server first. If the authentication fails, access is denied. The fall back to local only occurs when the RADIUS authentication times out.
  • TACACS+: Validate on the TACACS+ server only
  • Local-TACACS+: Validate locally first; if the validation does not succeed, then validate on the TACACS+ server
  • TACACS+-Local: Validate on the TACACS+ server first, and if the validation does not succeed, then validate on the local server
  • Strict TACACS+-Local: Validate on the TACACS+ server(s) first. If the authentication fails, access is denied. The fall back to local only occurs when the TACACS+ authentication process times out.

Notes: If you plan on using a remote server for authentication, you should confirm that the remote system is functional before removing the local authentication. If you remove local authentication and the remote system is not working, you will lose access to the unit.

To ensure that authentication is working on the remote server, log in then out from the unit, then access the System â–¶ Agent â–¶ Syslog page. You should see a syslog message indicating a successful login attempt.

© 2025 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms
For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks