Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2317
Views
0
Helpful
2
Replies

Exec-Timeout Recommendations

Go to solution
jason.hines
Level 1
Level 1

‎01-19-2005 01:53 AM - edited ‎03-02-2019 09:09 PM

Can anybody point me in the right direction for exec-times values. What are the cisco recommended values?

What we wouldn't want is if we set them to low to be timed out when ciscoworks is downloading new sofware versions, this would also need taking into account.

Any help would be gratefully received.

Jason

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to glen.grant

‎01-19-2005 06:12 AM

The fact that the default value is 10 minutes can probably be understood as the Cisco recommendation.

I think that every network should think through this question in terms of how they want to manage things. Frequently it is a tradeoff between enhancing security and convenience. The shorter the timeout the less likely that anyone else might get into an inactive session but the more likely that you may lose a session if you get distracted while doing something on the router. It may also reflect how the session is used most often - if you typically log into a device to do a specific task the shorter the timeout should be. But if you frequently log in to monitor activity then a longer timeout is appropriate.

The one trend in timeout that worries me is that some people set the timeout to zero which means there is no timeout at all. While I may sometimes do this is a test environment, I think it is a very bad idea for a production machine.

HTH

Rick

HTH

Rick

View solution in original post

0 Helpful
2 Replies 2

Go to solution
glen.grant
VIP Alumni
VIP Alumni

‎01-19-2005 05:14 AM

We set ours at 15 minutes , anything shorter can be a pain if you are working on a box and you have do something else for a few minutes . Don't know if there are reccomended values or not .

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to glen.grant

‎01-19-2005 06:12 AM

The fact that the default value is 10 minutes can probably be understood as the Cisco recommendation.

I think that every network should think through this question in terms of how they want to manage things. Frequently it is a tradeoff between enhancing security and convenience. The shorter the timeout the less likely that anyone else might get into an inactive session but the more likely that you may lose a session if you get distracted while doing something on the router. It may also reflect how the session is used most often - if you typically log into a device to do a specific task the shorter the timeout should be. But if you frequently log in to monitor activity then a longer timeout is appropriate.

The one trend in timeout that worries me is that some people set the timeout to zero which means there is no timeout at all. While I may sometimes do this is a test environment, I think it is a very bad idea for a production machine.

HTH

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents