Users Guide

Table Of Contents
Configure the maximum number of concurrent login sessions in CONFIGURATION mode.
OS10(config)# login concurrent-session limit number
limit number Sets the maximum number of concurrent login sessions allowed for a user ID, from 1 to 12; default
10.
When you configure the maximum number of allowed concurrent login sessions, take into account that:
Each remote VTY connection counts as one login session.
All login sessions from a terminal emulator on an attached console count as one session.
Configure concurrent login sessions
OS10(config)# login concurrent-session limit 4
If you log in to the switch after the maximum number of concurrent sessions are active, an error message displays. To log in to
the system, close one of your existing sessions.
OS10(config)# login concurrent-session limit 4
Too many logins for 'admin'.
Last login: Wed Jan 31 20:37:34 2018 from 10.14.1.213
Connection to 10.11.178.26 closed.
Current sessions for user admin:
Line Location
2 vty 0 10.14.1.97
3 vty 1 10.14.1.97
4 vty 2 10.14.1.97
5 vty 3 10.14.1.97
Virtual terminal line ACLs
To limit Telnet and SSH connections to the switch, apply access lists on a virtual terminal line (VTY).
There is no implicit deny rule. If none of the configured conditions match, the default behavior is to permit. If you need to deny
traffic that does not match any of the configured conditions, explicitly configure a deny statement.
1. Create IPv4 or IPv6 access lists with permit or deny filters; for example:
OS10(config)# ip access-list permit10
OS10(config-ipv4-acl)# permit ip 172.16.0.0 255.255.0.0 any
OS10(config-ipv4-acl)# exit
OS10(config)#
2. Enter VTY mode using the line vty command in CONFIGURATION mode.
OS10(config)# line vty
OS10(config-line-vty)#
3. Apply the access lists to the VTY line with the {ip | ipv6} access-class access-list-name command in
LINE-VTY mode.
OS10(config-line-vty)# ip access-class permit10
View VTY ACL configuration
OS10(config-line-vty)# show configuration
!
line vty
ip access-class permit10
ipv6 access-class deny10
OS10(config-line-vty)#
1344
Security