From: Aly, Yasser (Yasser.Aly@getronics.com)
Date: Mon Sep 12 2005 - 06:33:28 GMT-3
Hi Mohammed,
You are right I was confused and the description I provided for
session-timeout is for absolute-timeout. So I will re-phrase per
documentation CD
absolute-timeout
To set the interval for closing the connection, use the absolute-timeout
command in line configuration mode. To restore the default, use the no
form of this command.
Usage Guidelines
This command terminates the connection after the specified time period
has elapsed, regardless of whether the connection is being used at the
time of termination. You can specify an absolute-timeout value for each
port. The user is given 20 seconds notice before the session is
terminated. You can use this command in conjunction with the
logout-warning command, which notifies the user of an impending logout.
Related Commands
Logout-warning: Warns users of an impending forced timeout
Session-timeout: Sets the interval for closing the connection
when there is no input or output traffic.
Exec-timeout was not mentioned as a related command to these commands
and its description in the Doc CD is as follows:
exec-timeout
To set the interval that the EXEC command interpreter waits until user
input is detected, use the exec-timeout command in line configuration
mode. To remove the timeout definition, use the no form of this command.
Defaults
10 minutes
Command Modes
Line configuration
Usage Guidelines
If no input is detected during the interval, the EXEC facility resumes
the current connection. If no connections exist, the EXEC facility
returns the terminal to the idle state and disconnects the incoming
session.
To specify no timeout, enter the exec-timeout 0 0 command.
Regards,
Yasser
-----Original Message-----
From: Mohammed El-Komy (moelkomy) [mailto:moelkomy@cisco.com]
Sent: Monday, September 12, 2005 10:09 AM
To: Aly, Yasser; Brian Dennis; ccielab@groupstudy.com
Subject: RE: limiting the inactivity period under vty lines
Hi Yasser,
The explanation of the "session-timeout" in the Doc-CD is different from
what you're saying
Router(config-line)# session-timeout minutes [output]
Sets the idle session timeout interval.
Router(config-line)# absolute-timeout minutes
Sets the absolute timeout interval
Regards,
-------------------------------------------------------------------
Mohamed ElKomy
Cisco Systems, Systems Engineer
Office: +2024885300
GSM: +20121022297
FAX: +2024885400
-----Original Message-----
From: Aly, Yasser [mailto:Yasser.Aly@getronics.com]
Sent: Monday, September 12, 2005 9:21 AM
To: Mohammed El-Komy (moelkomy); Brian Dennis; ccielab@groupstudy.com
Subject: RE: limiting the inactivity period under vty lines
Hi Mohammed,
Actually both command are not the same and have different effects.
"Session-timeout 5" command is an absolute value regardless of whether
your session is active or not. That's to say, session will disconnect
after 5 minutes even if it is still active.
"Exec-timeout 5" on the other hand means disconnect the session if 5
minutes of inactivity passed, so your session can last more than 5
minutes as long as you do not exceed 5 minutes of inactivity.
Based on the wording of the question you can tell which one is the
correct answer.
Regards,
Yasser
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Mohammed El-Komy (moelkomy)
Sent: Sunday, September 11, 2005 11:35 PM
To: Brian Dennis; ccielab@groupstudy.com
Subject: RE: limiting the inactivity period under vty lines
Brian,
I've already tried those commands before; I'm not asking for the sake of
real life cause I know their effects....I'm asking for lab purpose to
get the more accurate answer based on the wording of the question.
But if both of them fulfill the task wording, that would be fine cause
sometimes I feel that more than one command can do the task but the task
wording carries a hidden meaning to make you fulfill it with a certain
command.
Regards,
-------------------------------------------------------------------
Mohamed ElKomy
Cisco Systems, Systems Engineer
Office: +2024885300
GSM: +20121022297
FAX: +2024885400
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Brian Dennis
Sent: Sunday, September 11, 2005 11:22 PM
To: Mohammed El-Komy (moelkomy); ccielab@groupstudy.com
Subject: RE: limiting the inactivity period under vty lines
Mohamed,
Don't take this the wrong way but you'll learn far more by just
doing tasks like this over relying on someone's answer. You just need
one router and about 10 minutes to lab both of these up.
HTH,
Brian Dennis, CCIE #2210 (R&S/ISP-Dial/Security)
bdennis@internetworkexpert.com
Internetwork Expert, Inc.
http://www.InternetworkExpert.com
Toll Free: 877-224-8987
Direct: 775-745-6404 (Outside the US and Canada)
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
Mohammed El-Komy (moelkomy)
Sent: Sunday, September 11, 2005 12:47 PM
To: ccielab@groupstudy.com
Subject: limiting the inactivity period under vty lines
Guys,
1- If I need for example to limit the telnet user to be disconnected
after 5 minutes of inactivity, shall I use
Line vty 0 4
Exec-timeout 5
or
Line vty 0 4
Session-timeout 5
Is there a difference or do both of them fulfill the task?
2- If I need a banner message to be displayed to telnet users that says
"Access to Network is prohibited", shall I use
Banner login "...."
Or
Banner motd "...."
Which of them is more accurate in such a case?
Regards,
-------------------------------------------------------------------
Mohamed ElKomy
Cisco Systems, Systems Engineer
Office: +2024885300
GSM: +20121022297
FAX: +2024885400
This archive was generated by hypermail 2.1.4 : Sun Oct 02 2005 - 14:40:14 GMT-3