Max Session and Session Limit Configuration
Overview
User can configure session-limit for Telnet and SSH sessions separately but this max-session parameter value takes the precedence to restrict the maximum number of sessions. If user configured this max-session to be 4, then the device would allow only maximum of 4 SSH and Telnet sessions collectively irrespective of the individual SSH and Telnet max-session configuration. Active sessions won't be disturbed even if the configured max-session limit is lesser than the current active sessions. Default value for max-session value is 40 in line mode. There is no default value for the telnet-server-limit and ssh-server-limit.
After configuring max-session parameter if user tries to configure SSH/Telnet sessions then the total value of Telnet and SSH session limit should be lesser than the max-session value otherwise error will be thrown.
If already Telnet and SSH session-limits configured, now if user is configuring max-session then there won't be any error but maximum number of sessions will be limited to max-session value.
Topology
The procedures in this section use the topology as mentioned below. Setup consists of one node acting as Telnet server.
Telnet topology
Configuration of Telnet Session Limit Lesser than Max-Session
#configure terminal | Enter configure mode |
(config)#no feature telnet vrf management | Disable Feature Telnet in VRF Managementv |
(config)#telnet server session-limit 12 vrf management | Configure the Session limit as 12 which is less than Max-Sesssion parameter in line VTY |
(config)#commit | Perform commit to submit the changes done |
(config)#feature telnet vrf management | Enable telnet feature in VRF management |
(config)#commit | Perform commit to submit the changes done |
(config)#exit | Exit configure mode |
Validation
Check that the maximum telnet session possible are 12 which is lesser than Max-Session limit parameter value in line VTY.
#show running-config telnet server
telnet server session-limit 12 vrf management
feature telnet vrf management
no feature telnet
Configuration of SSH Server Session Limit Lesser than Max-Session
Configure SSH Server Session limit to be lesser than Max-Session.
Topology
Setup consists of one node acting as SSH server.
SSH Server topology
Configuration of SSH Server Session Limit Lesser than Max-Session
#configure terminal | Enter configure mode |
(config)#no feature ssh vrf management | Disable feature SSH |
(config)#ssh server session-limit 12 vrf management | Configure SSH server session-limit to be lesser than Max-Session limit |
(config)#commit | Perform Commit to submit changes done |
(config)#feature ssh vrf management | Enable feature SSH |
(config)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the maximum SSH session possible are 12 which is lesser than Max-Session limit parameter value in line VTY.
#show running-config ssh server
feature ssh vrf management
ssh server session-limit 12 vrf management
no feature ssh
Configuration of Telnet Session Limit Greater than Max-Session
In the below section, configure Telnet Session limit to be greater than Max-Session limit.
Topology
Setup consists of one node acting as Telnet server.
Telnet Session Topology
Configuration of Telnet server Session-Limit to be greater than line-VTY max-session
#configure terminal | Enter configure mode |
(config)#no feature telnet vrf management | Disable feature telnet |
(config)#telnet server session-limit 12 vrf management | Configure Session-limit as 12 for telnet server |
(config)#commit | Perform commit to submit changes |
(config)#feature telnet vrf management | Enable Telnet server |
(config)#commit | Perform commit to submit changes |
(config)#line vty | Enter line VTY mode |
(config-line)#max-session 10 | Configure max-session as 10 |
(config-line)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the total telnet sessions possible is 10 even though telnet server session limit is configured as 12.
#show running-config telnet server
telnet server session-limit 12 vrf management
feature telnet vrf management
no feature telnet
#show running-config | grep max-session
max-session 10
Configuration of SSH Session Limit Greater than Max-Session
In the below section, configure SSH Session limit to be greater than Max-Session limit.
Topology
Setup consists of one node acting as SSH server.
Configuration of SSH server Session-Limit to be greater than line-vty max-session
#configure terminal | Enter configure mode |
(config)#no feature ssh vrf management | Disable feature SSH |
(config)#ssh server session-limit 12 vrf management | Configure Session-limit as 12 for SSH server |
(config)#commit | Perform commit to submit changes |
(config)#feature ssh vrf management | Enable SSH server |
(config)#commit | Perform commit to submit changes |
(config)#line vty | Enter line VTY mode |
(config-line)#max-session 10 | Configure max-session as 10 |
(config-line)#commit | Perform commit to submit changes |
(config)#exit | Exit configure mode |
Validation
Check that the total SSH sessions possible is 10 even though SSH server session limit is configured as 12.
#show running-config ssh server
feature ssh vrf management
ssh server session-limit 12 vrf management
no feature ssh
#show running-config | grep max-session
max-session 10