Thursday 28 November 2013

How to Configure EXEC and Absolute Timeouts

It is a common meeting time with the corporate security policy. Put it in a simple way, exec timeout exec to be configured after you terminate the exec session session idle timeout. The default value is 10 minutes.

But an absolute timeout the maximum amount of time for a single session can remain established. So if you have 12 minutes to more than an absolute timeout the user is active, the session will be disconnected after 12 minutes.

Absolute timeout, sometimes to the force and the exec session access on the server to terminate either if idle state after a specified period.

  • Than load if you use GNS3 CCNA free Binder GNS3 topology than starting system R1.
  • Create R1 than configuring a device with the device console session respects the hostname (s).
  • Create a loopback interface on R1 and assigns its IP address 10.1.1.1/32
  • Creating a 15-level permissions the user name and password, and authenticate local settings VTY lines.

Vty line through R1 than by establishing a Telnet session to a Loopback0 interface IP address, verify that you have configured on the configuration 4 0 exec timeout for a minute. Once authenticated, wait one minute.
Than two minutes absolute timeout on the VTY lines configured, please delete previously configured on the R1 ′ s vty line exec timeout configuration. By establishing a Telnet session to a Loopback0 interface IP address and wait for two minutes to verify your configuration. If correctly configured you will be disconnected automatically after 120 seconds.

Lab Instruction:

Step 1. Configure vty lines 4 x 0 minutes exec timeout and verify that your configuration telnet'ing to Loopback0 IP address authentication, then idle for 1 minutes.

R1 con0 is now available
Press RETURN to get started.
R1>enable
R1#configure terminal
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#line vty 0 4
R1(config-line)#exec-timeout 2
R1(config-line)#end
R1#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Username: 
Password: 
R1#
[Connection to 10.1.1.1 closed by foreign host]
R1#

Step 2. Than two minutes absolute timeout on the VTY lines configured, please delete previously configured on the R1 ′ s vty line exec timeout configuration. By establishing a Telnet session to a Loopback0 interface IP address and wait for two minutes to verify your configuration. If correctly configured you will be disconnected automatically after 120 seconds.

R1#configure terminal 
Enter configuration commands, one per line.  End with CNTL/Z.
R1(config)#line vty 0 4
R1(config-line)#no exec-timeout
R1(config-line)#absolute-timeout 2
R1(config-line)#end
R1#telnet 10.1.1.1
Trying 10.1.1.1 ... Open
User Access Verification
Username: tom
Password: 
R1#
* Line timeout expired
[Connection to 10.1.1.1 closed by foreign host]
R1#
Posted by Unknown at 23:49

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)