• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 947
  • Last Modified:

Why Cisco 6509 Limited To Only 2 Telnet Sessions

I have 2 Cisco 6509's with line vty 0 -4 and 5 - 15 configured.  But anytime there are 2 users logged on via telnet, additional sessions are not accepted.  I am unable to even telnet to other devices from  these switches.  When I run the "sho users, it only shows 2.  

se config:

line con 0
 exec-timeout 0 0
 password xxx
 login
line vty 0 4
 exec-timeout 60 0
 password xxx
 login
 transport input lat pad udptn telnet rlogin ssh
line vty 5 15
 password xxx
 login
 transport input lat pad udptn telnet rlogin ssh
!
exception core-file

When you try to telnet into these switches (the 6509's), it either hangs on Trying to open, or it says refused or blan screen.

Everything else seems to work fine.

Thanks
0
donemore2003
Asked:
donemore2003
  • 3
  • 3
  • 2
  • +2
7 Solutions
 
Istvan KalmarHead of IT Security Division Commented:
Hi,

It seems somebody logged into the Switch?

Please show us the folowing:

show line
0
 
rochey2009Commented:
also try

show tcp brief
0
 
Istvan KalmarHead of IT Security Division Commented:
and 'show user' command tells who is connected...
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
donemore2003Author Commented:
I can do "show line", who etc and it would show 2 connections .  Once that occurs, thr router cannot telnet to other routers or be telneted to...connections in or out are refused.
0
 
Istvan KalmarHead of IT Security Division Commented:
intersting do you able to reload it or it is impossible?
0
 
donemore2003Author Commented:
No, this is the core switch of the entire network.  Everything seem to be working but just the telnet having problems.  
0
 
giltjrCommented:
What IOS are you running?  Are you in hybid  or native mode.

When I do a show line I can see that up to 5 of the vty lines have been used, so we have had at least 5 signed on at once.  I have 3 people signed on right now.
0
 
donemore2003Author Commented:
Right now I cannot even get in.  I am waiting for Cisco to work with me on that but any hekp from you in the mean time will be helpful.

When I am able to get on the switch, and run the "show line" command, there are no more than 2 vty in use.  

And I am runn ing native IOS.  Both swithes have 10 G modules with Sup 720 sup's.

IOS ver. 12.2(33)SXH3
0
 
giltjrCommented:
Do you have physical access to the box?  Can you use the console port on the Sup's?

I'm running  Native IOS at 12.2(18)SXF4 with 720's but not the 10G's.

I was thinking that somebody could have telnet'ed in but not signed on, but I just checked and the vty line will show in use as long as it is engaged in a telnet session.

Although I don't think you can do this, could you have a ACL that is some how limiting the number of telnet sessions?
0
 
harbor235Commented:


First off, there are no exec or session timeouts specified, I am wondering if you have old sessions occupying (hanging)  the remaining connections,

I would do the following;

1) clear any hung or not utulized connections
2) add vty configuration statements to gracefully clear conenctions after a specified time

I normally use the following additional vty commands;
exec-timeout 119   ( I use approx 2 hours before termination, 119 is minutes)
session-timeout 120
transport input ssh    (nail down the protocols to the ones youo are using, not more)

harbor235 ;}
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now