06-12-2017 07:38 AM - edited 02-21-2020 10:32 AM
My secondary ACS server shows me an ever growing list of disconnected sessions when I log into it. The list starts with the following message:
Following disconnected ssh sessions are available to resume.
I would like to ensure all disconnected sessions are closed immediately (or as soon as possible) after the user disconnects. Some of these sessions are months old. How do I go about doing this?
Thanks!
The ACS Server is Linux Based, here is the show ver:
show ver
Cisco Application Deployment Engine OS Release: 2.2
ADE-OS Build Version: 2.2.3.002
ADE-OS System Architecture: x86_64
Copyright (c) 2005-2015 by Cisco Systems, Inc.
All rights reserved.
Hostname: SECONDARY
Version information of installed applications
---------------------------------------------
Cisco ACS VERSION INFORMATION
-----------------------------
Version : 5.8.1.4
Internal Build ID : B.462
Solved! Go to Solution.
06-13-2017 02:09 PM
Hello,
I believe you can clear sessions by doing the following:
sh users
forceout <username>
You should also be able to set a timeout with terminal session-timeout ## command.
06-15-2017 07:55 AM
Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.
06-13-2017 02:09 PM
Hello,
I believe you can clear sessions by doing the following:
sh users
forceout <username>
You should also be able to set a timeout with terminal session-timeout ## command.
06-14-2017 11:12 AM
One of my users is user - with a few dozen disconnected sessions. Forceout user does not close the disconnected sessions. Same with admin.
I cannot use the terminal session-timeout command, it is not a known command.
EDIT: The command does exist, it is just not in the config t portion, but in the main enable portion instead, oddly enough. I am adding in a 60 min timeout.
06-15-2017 07:55 AM
Hmm, that's interesting. You might have to restart ACS if your able. The timeout sessions should be able to prevent this from happening again.
06-15-2017 07:54 PM
The timeout-sessions does not show in the config anywhere, though it accepted the command readily enough. I rebooted and all the sessions are gone. I will have to see if they return.
Thanks for the help so far!!
03-08-2024 04:29 AM
The forceout command also works on ISE 2.7, I had a stuck tail session and the 30 minute timeout wasn't kicking it. forceout did the trick, thank you
06-26-2017 12:31 PM
It has stayed cleared since the last reload of the box. I believe it was adding the terminal session-timeout 60 command and saving the config, then doing a reload that fixed it.
Thank you VERY much!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: