Sometimes we can meet such situation on a router or a switch:
 [labnario]display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 34 VTY 0 00:00:00 TEL 172.29.12.226 pass no Username : huawei
35 VTY 1 00:08:01 TEL 172.29.12.226 pass no Username : labnario
36 VTY 2 00:07:38 TEL 172.29.12.226 pass no Username : killer
37 VTY 3 00:07:00 TEL 172.29.12.226 pass no Username : killer
38 VTY 4 00:01:34 TEL 172.29.12.226 pass no Username : labnario
By default, on Huawei device, there are 5 vty lines available. If all these lines are occupied by users, no other user is able to access the device. Such situation can appear in 2 cases:
- The device is fully occupied by telnet users.
- All telnet sessions are hang.
The first case is normal and it can often happen. Sessions will be deleted when users log out from the device or their sessions’ idle-timeout expires. By default idle-timeout is set to 10 minutes.
The second case can be caused by idle-timeout of vty lines set to 0:
#
user-interface vty 0 4
authentication-mode aaa
idle-timeout 0 0
#
It means that this session never expires. If a user forget to log out from a device, vty line is still being occupied. This causes that a next user has no possibility to telnet the device.
If you have access by console port or you are already logged in by telnet, you can delete all unnecessary telnet sessions:
<labnario>free user-interface vty 4
Warning: User interface VTY4 will be freed. Continue? [Y/N]:y
[OK]
<labnario>display users
User-Intf Delay Type Network Address AuthenStatus AuthorcmdFlag
+ 34 VTY 0 00:00:00 TEL 172.29.12.226 pass no Username : huawei
35 VTY 1 00:13:14 TEL 172.29.12.226 pass no Username : labnario
36 VTY 2 00:12:51 TEL 172.29.12.226 pass no Username : killer
37 VTY 3 00:12:13 TEL 172.29.12.226 pass no Username : killer
To avoid such situation, configure idle-timout for vty lines different than 0:
#
user-interface vty 0 4
authentication-mode aaa
idle-timeout 15 0
#
You can also set maximum-vty sessions to 15 and configure the same parameters for all vty lines:
[labnario]user-interface maximum-vty 15
[labnario]user-interface vty 0 14
authentication-mode aaa
idle-timeout 15 0
Now you have 16 vty lines available.
Read More »