Max Session and Session Limit Configuration
Overview
User can configure session-limit for Telnet and SSH sessions separately but this max-session parameter value takes the precedence to restrict the maximum number of sessions. If user configured this max-session to be 4, then the device would allow only maximum of 4 SSH and Telnet sessions collectively irrespective of the individual SSH and Telnet max-session configuration. Active sessions won't be disturbed even if the configured max-session limit is lesser than the current active sessions. Default value for max-session value is 40 in line mode. There is no default value for the telnet-server-limit and ssh-server-limit.
After configuring max-session parameter if user tries to configure SSH/Telnet sessions then the total value of Telnet and SSH session limit should be lesser than the max-session value otherwise error will be thrown.
If already Telnet and SSH session-limits configured, now if user is configuring max-session then there won't be any error but maximum number of sessions will be limited to max-session value.
Topology
The procedures in this section use the topology as mentioned below. Setup consists of one node acting as Telnet server.
Figure 17-26: Telnet topology
Configuration of Telnet Session Limit Lesser than Max-Session
#configure terminal | Enter configure mode |
(config)#no feature telnet vrf management | Disable Feature Telnet in VRF Managementv |
(config)#telnet server session-limit 12 vrf management | Configure the Session limit as 12 which is less than Max-Sesssion parameter in line VTY |
(config)#commit | Perform commit to submit the changes done |
(config)#feature telnet vrf management | Enable telnet feature in VRF management |
(config)#commit | Perform commit to submit the changes done |
(config)#exit | Exit configure mode |
Validation
Check that the maximum telnet session possible are 12 which is lesser than Max-Session limit parameter value in line VTY.
#show running-config telnet server
telnet server session-limit 12 vrf management
feature telnet vrf management
no feature telnet
Configuration of SSH Server Session Limit Lesser than Max-Session
Configure SSH Server Session limit to be lesser than Max-Session.
Topology
Setup consists of one node acting as SSH server.
Figure 17-27: SSH Server topology
Configuration of SSH Server Session Limit Lesser than Max-Session
#configure terminal | Enter configure mode |
(config)#no feature ssh vrf management | Disable feature SSH |
(config)#ssh server session-limit 12 vrf management | Configure SSH server session-limit to be lesser than Max-Session limit |
(config)#commit | Perform Commit to submit changes done |
(config)#feature ssh vrf management | Enable feature SSH |
(config)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the maximum SSH session possible are 12 which is lesser than Max-Session limit parameter value in line VTY.
#show running-config ssh server
feature ssh vrf management
ssh server session-limit 12 vrf management
no feature ssh
Configuration of Telnet Session Limit Greater than Max-Session
In the below section, configure Telnet Session limit to be greater than Max-Session limit.
Topology
Setup consists of one node acting as Telnet server.
Figure 17-28: Telnet Session Topology
Configuration of Telnet server Session-Limit to be greater than line-VTY max-session
#configure terminal | Enter configure mode |
(config)#no feature telnet vrf management | Disable feature telnet |
(config)#telnet server session-limit 12 vrf management | Configure Session-limit as 12 for telnet server |
(config)#commit | Perform commit to submit changes |
(config)#feature telnet vrf management | Enable Telnet server |
(config)#commit | Perform commit to submit changes |
(config)#line vty | Enter line VTY mode |
(config-line)#max-session 10 | Configure max-session as 10 |
(config-line)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the total telnet sessions possible is 10 even though telnet server session limit is configured as 12.
#show running-config telnet server
telnet server session-limit 12 vrf management
feature telnet vrf management
no feature telnet
#show running-config | grep max-session
max-session 10
Configuration of SSH Session Limit Greater than Max-Session
In the below section, configure SSH Session limit to be greater than Max-Session limit.
Topology
Setup consists of one node acting as SSH server.
Configuration of SSH server Session-Limit to be greater than line-vty max-session
#configure terminal | Enter configure mode |
(config)#no feature ssh vrf management | Disable feature SSH |
(config)#ssh server session-limit 12 vrf management | Configure Session-limit as 12 for SSH server |
(config)#commit | Perform commit to submit changes |
(config)#feature ssh vrf management | Enable SSH server |
(config)#commit | Perform commit to submit changes |
(config)#line vty | Enter line VTY mode |
(config-line)#max-session 10 | Configure max-session as 10 |
(config-line)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the total SSH sessions possible is 10 even though SSH server session limit is configured as 12.
#show running-config ssh server
feature ssh vrf management
ssh server session-limit 12 vrf management
no feature ssh
#show running-config | grep max-session
max-session 10
Last modified date: 11-03-2023