Solved

All cisco VTY lines used up on 3750.

Posted on 2010-11-12
19
2,056 Views
Last Modified: 2012-05-10
All the VTY lines on my 3750 show used up. I am not able to clear or disconnect the line. I have one session active on the device. No new sessions can be established. I did a sh tcp br and it should only my active session. How do i clear the unused line?
0
Comment
Question by:hkdv
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 9
19 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34120145
what shows the folloring?
sh line
0
 

Author Comment

by:hkdv
ID: 34120165
"  *   "next to each line..
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34120510
you able to kick the user:

clear line x
0
How our DevOps Teams Maximize Uptime

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us. Read the use case whitepaper.

 

Author Comment

by:hkdv
ID: 34120879
sh line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
*    0 CTY              -    -      -    -    -      0       1     0/0       -
*    1 VTY              -    -      -    -    -     39       0     0/0       -
*    2 VTY              -    -      -    -    -      4       0     0/0       -
*    3 VTY              -    -      -    -    -      9       0     0/0       -
*    4 VTY              -    -      -    -    -      5       0     0/0       -
*    5 VTY              -    -      -    -    -      1       0     0/0       -
*    6 VTY              -    -      -    -    -   1419       0     0/0       -
*    7 VTY              -    -      -    -    -     86       0     0/0       -
*    8 VTY              -    -      -    -    -   1912       0     0/0       -
*    9 VTY              -    -      -    -    -     24       0     0/0       -
*   10 VTY              -    -      -    -    -      2       0     0/0       -
*   11 VTY              -    -      -    -    -      1       0     0/0       -
*   12 VTY              -    -      -    -    -      1       0     0/0       -
*   13 VTY              -    -      -    -    -      1       0     0/0       -
*   14 VTY              -    -      -    -    -      1       0     0/0       -
*   15 VTY              -    -      -    -    -      1       0     0/0       -
*   16 VTY              -    -      -    -    -    116       0     0/0       -

TXD-VA01-A#clear line 1
[confirm]
 [OK]
TXD-VA01-A#sh line
   Tty Typ     Tx/Rx    A Modem  Roty AccO AccI   Uses   Noise  Overruns   Int
*    0 CTY              -    -      -    -    -      0       1     0/0       -
*    1 VTY              -    -      -    -    -     39       0     0/0       -
*    2 VTY              -    -      -    -    -      4       0     0/0       -
*    3 VTY              -    -      -    -    -      9       0     0/0       -
*    4 VTY              -    -      -    -    -      5       0     0/0       -
*    5 VTY              -    -      -    -    -      1       0     0/0       -
*    6 VTY              -    -      -    -    -   1419       0     0/0       -
*    7 VTY              -    -      -    -    -     86       0     0/0       -
*    8 VTY              -    -      -    -    -   1912       0     0/0       -
*    9 VTY              -    -      -    -    -     24       0     0/0       -
*   10 VTY              -    -      -    -    -      2       0     0/0       -
*   11 VTY              -    -      -    -    -      1       0     0/0       -
*   12 VTY              -    -      -    -    -      1       0     0/0       -
*   13 VTY              -    -      -    -    -      1       0     0/0       -
*   14 VTY              -    -      -    -    -      1       0     0/0       -
*   15 VTY              -    -      -    -    -      1       0     0/0       -
*   16 VTY              -    -      -    -    -    116       0     0/0       -
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34121569
Hi,

It seems somebody attacking the device...
what show the 'sh users' command output?

you need to create acl for vty:

access-list 23 permit x.x.x.x
line vty 0 15
 ip access-group 23 in

0
 

Author Comment

by:hkdv
ID: 34121733
Seems the connections have been this way for a year and about 5 weeks for some :S

TXD-VA01-A#  sh user
    Line       User       Host(s)              Idle       Location
   0 con 0                idle                    2y20w  
   1 vty 0                idle                    2y18w 10.7.200.4
   2 vty 1                idle                    2y19w 10.7.200.30
   3 vty 2                idle                    2y19w 10.7.200.30
   4 vty 3                idle                    2y19w 10.7.200.30
   5 vty 4                idle                    2y19w 10.7.200.30
   6 vty 5                idle                    1y22w 10.7.205.220
   7 vty 6                idle                    1y21w 10.7.205.220
   8 vty 7                idle                     5w3d 10.7.205.220
   9 vty 8                idle                     5w3d 10.7.205.220
  10 vty 9                idle                     5w3d 10.7.205.220
  11 vty 10               idle                     5w3d 10.7.205.220
  12 vty 11               idle                     5w3d 10.7.205.220
  13 vty 12               idle                     5w3d 10.7.205.220
  14 vty 13               idle                     5w3d 10.7.205.220
  15 vty 14               idle                     5w3d 10.7.205.220
* 16 vty 15               idle                 00:00:00 10.7.204.152


how do i clear this?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34121802
clear line 15
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34121830
and I advise to set idle timeout on vty:
line vty 0 15
 timeout login response 60

0
 

Author Comment

by:hkdv
ID: 34121906
before i clear line 15, is there a way to determine which line i am connected to?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34122128
The asterisk shops whicjh line is yours...
* 16 vty 15               idle                 00:00:00 10.7.204.152
0
 

Author Comment

by:hkdv
ID: 34123345
I dont want to kill my connection to the device. That is the only connection we have to the device right now :S
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34123797
you able to kill vty 0 to 14
0
 

Assisted Solution

by:hkdv
hkdv earned 0 total points
ID: 34123858
tried it.. nothing changed! wondering it is a cisco bug..
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34124450
'clear line 1'?
0
 
LVL 5

Expert Comment

by:BooSTid
ID: 34124508
This is what happens when no timeout is configured on a vty line; sessions that you leave never timeout. If you can't clear them, I believe only a router reboot will clear the sessions. Do what ikalmar said as far as setting the timeout, then attempt to clear. If unsuccessful, make sure your config is saved to startup, and reboot the router.
0
 

Author Comment

by:hkdv
ID: 34124583
Have the exec timeout already set

line vty 0 4
 access-class <ACL> in
 exec-timeout 15 0
 password 7 <xxxx>
 logging synchronous
 transport input telnet ssh
 transport output telnet ssh
line vty 5 15
 access-class <ACL> in
 exec-timeout 15 0
 password 7 xxxxx
 logging synchronous
 transport input telnet ssh
 transport output telnet ssh
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 200 total points
ID: 34124623
if the clera line isn't working you need to reload the device!
0
 

Author Comment

by:hkdv
ID: 34124775
thanks!! will do that...
0
 

Author Closing Comment

by:hkdv
ID: 34153371
It is related to a cisco bug.CSCsg64652. Hence reloading
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Network ports are the threads that hold network communication together. They are an essential part of networking that can be easily ignore or misunderstood, my goals is to show those who don't have a strong network foundation how network ports opera…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question