06-12-2017 07:38 AM - edited 02-21-2020 10:32 AM
My secondary ACS server shows me an ever growing list of disconnected sessions when I log into it. The list starts with the following message:
Following disconnected ssh sessions are available to resume.
I would like to ensure all disconnected sessions are closed immediately (or as soon as possible) after the user disconnects. Some of these sessions are months old. How do I go about doing this?
Thanks!
The ACS Server is Linux Based, here is the show ver:
show ver
Cisco Application Deployment Engine OS Release: 2.2
ADE-OS Build Version: 2.2.3.002
ADE-OS System Architecture: x86_64
Copyright (c) 2005-2015 by Cisco Systems, Inc.
All rights reserved.
Hostname: SECONDARY
Version information of installed applications
---------------------------------------------
Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.8.1.4
Internal Build ID : B.462
Solved! Go to Solution.
06-13-2017 02:09 PM
Hello,
I believe you can clear sessions by doing the following:
sh users
forceout <username>
You should also be able to set a timeout with terminal session-timeout ## command.
06-15-2017 07:55 AM
Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.
06-13-2017 02:09 PM
Hello,
I believe you can clear sessions by doing the following:
sh users
forceout <username>
You should also be able to set a timeout with terminal session-timeout ## command.
06-14-2017 11:12 AM
One of my users is user - with a few dozen disconnected sessions. Forceout user does not close the disconnected sessions. Same with admin.
I cannot use the terminal session-timeout command, it is not a known command.
EDIT: The command does exist, it is just not in the config t portion, but in the main enable portion instead, oddly enough. I am adding in a 60 min timeout.
06-15-2017 07:55 AM
Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.
06-15-2017 07:54 PM
The timeout-sessions does not show in the config anywhere, though it accepted the command readily enough. I rebooted and all the sessions are gone. I will have to see if they return.
Thanks for the help so far!!
03-08-2024 04:29 AM
The forceout command also works on ISE 2.7, I had a stuck tail session and the 30 minute timeout wasn't kicking it. forceout did the trick, thank you
06-26-2017 12:31 PM
It has stayed cleared since the last reload of the box. I believe it was adding the terminal session-timeout 60 command and saving the config, then doing a reload that fixed it.
Thank you VERY much!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide