[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 924
  • Last Modified:

Why Cisco 6509 Limited To Only 2 Telnet Sessions

I have 2 Cisco 6509's with line vty 0 -4 and 5 - 15 configured.  But anytime there are 2 users logged on via telnet, additional sessions are not accepted.  I am unable to even telnet to other devices from  these switches.  When I run the "sho users, it only shows 2.  

se config:

line con 0
 exec-timeout 0 0
 password xxx
 login
line vty 0 4
 exec-timeout 60 0
 password xxx
 login
 transport input lat pad udptn telnet rlogin ssh
line vty 5 15
 password xxx
 login
 transport input lat pad udptn telnet rlogin ssh
!
exception core-file

When you try to telnet into these switches (the 6509's), it either hangs on Trying to open, or it says refused or blan screen.

Everything else seems to work fine.

Thanks
0
donemore2003
Asked:
donemore2003
  • 3
  • 3
  • 2
  • +2
7 Solutions
 
Istvan KalmarCommented:
Hi,

It seems somebody logged into the Switch?

Please show us the folowing:

show line
0
 
rochey2009Commented:
also try

show tcp brief
0
 
Istvan KalmarCommented:
and 'show user' command tells who is connected...
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
donemore2003Author Commented:
I can do "show line", who etc and it would show 2 connections .  Once that occurs, thr router cannot telnet to other routers or be telneted to...connections in or out are refused.
0
 
Istvan KalmarCommented:
intersting do you able to reload it or it is impossible?
0
 
donemore2003Author Commented:
No, this is the core switch of the entire network.  Everything seem to be working but just the telnet having problems.  
0
 
giltjrCommented:
What IOS are you running?  Are you in hybid  or native mode.

When I do a show line I can see that up to 5 of the vty lines have been used, so we have had at least 5 signed on at once.  I have 3 people signed on right now.
0
 
donemore2003Author Commented:
Right now I cannot even get in.  I am waiting for Cisco to work with me on that but any hekp from you in the mean time will be helpful.

When I am able to get on the switch, and run the "show line" command, there are no more than 2 vty in use.  

And I am runn ing native IOS.  Both swithes have 10 G modules with Sup 720 sup's.

IOS ver. 12.2(33)SXH3
0
 
giltjrCommented:
Do you have physical access to the box?  Can you use the console port on the Sup's?

I'm running  Native IOS at 12.2(18)SXF4 with 720's but not the 10G's.

I was thinking that somebody could have telnet'ed in but not signed on, but I just checked and the vty line will show in use as long as it is engaged in a telnet session.

Although I don't think you can do this, could you have a ACL that is some how limiting the number of telnet sessions?
0
 
harbor235Commented:


First off, there are no exec or session timeouts specified, I am wondering if you have old sessions occupying (hanging)  the remaining connections,

I would do the following;

1) clear any hung or not utulized connections
2) add vty configuration statements to gracefully clear conenctions after a specified time

I normally use the following additional vty commands;
exec-timeout 119   ( I use approx 2 hours before termination, 119 is minutes)
session-timeout 120
transport input ssh    (nail down the protocols to the ones youo are using, not more)

harbor235 ;}
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now