Re: telnet session hung

Networkx · ‎04-15-2018

a-01-e-01#who
Line User Host(s) Idle Location
388 vty 0 i_user idle 1w3d 192.168.1.139
389 vty 1 i_user idle 3d20h 192.168.1.181
390 vty 2 i_user idle 5d18h 192.168.1.181
391 vty 3 i_user idle 2d20h 192.168.1.181
*392 vty 4 anco idle 00:03:00 xx.96.xx.x

Interface User Mode Idle Peer Address
Vi4 ITCL PPPoATM 00:00:07 10.236.221.1

I managed to login above router after many tries as the router was refusing connections. I figured out that out of 5 virtual ports for telnet, 4 are being used by one TACACS use i_user. Though i have setup idle time out settings in my config, i wonder why this user's session didnt get disconnected.

a-01-e-01#sh run | s line vty
line vty 0 4
access-class LOG-IN in
exec-timeout 5 0
timeout login response 60
logging synchronous
login authentication aeco-tacacs
length 0
transport input telnet ssh

any thoughts ?

johnd2310 · ‎04-15-2018

Hi

Try adding the following to your config:

service tcp-keepalives-in
service tcp-keepalives-out

https://www.cisco.com/c/en/us/support/docs/dial-access/asynchronous-connections/14957-tcpkeepalive.html

Thanks

John

**Please rate posts you find helpful**

Georg Pauwen · ‎04-17-2018

Hello,

in addition to John's post, also try and clear the lines as following:

1. At the exec prompt, enter:

a-01-e-01#sh tcp brief

This should give you a list such as the one below:

TCB Local Address Foreign Address (state)
6353F5E8 10.10.5.5.1721 10.12.3.24.12874 SYNRCVD
63555A14 10.10.5.5.1721 10.12.3.23.12816 SYNRCVD
6353AEFC 10.10.5.5.1721 10.12.3.24.12872 SYNRCVD
6350B2DC 10.10.3.5.1721 10.12.3.24.12875 SYNRCVD
63488D44 10.10.3.5.22 10.12.3.23.11265 ESTAB
63571718 10.10.3.5.1721 10.12.3.24.12914 SYNRCVD

Now clear the sessions one by one by using the command below:

a-01-e-01#clear tcp tcb 6353F5E8