Technical Documentation

Configuring the Timeout Value for Idle Login Sessions

An idle login session is one in which the CLI operational mode prompt is displayed but there is no input from the keyboard. By default, a login session remains established until a user logs out of the router or switch, even if that session is idle. To close idle sessions automatically, you configure a time limit for each login class. If a session established by a user in that class remains idle for the configured time limit, the session automatically closes.

To define the timeout value for idle login sessions, include the idle-timeout statement at the [edit system login class class-name] hierarchy level:

[edit system login class class-name]idle-timeout minutes;

Specify the number of minutes that a session can be idle before it is automatically closed.

If you have configured a timeout value, the CLI displays messages similar to the following when timing out an idle user. It starts displaying these messages 5 minutes before timing out the user.

user@host# Session will be closed in 5 minutes if there is no activity.Warning: session will be closed in 1 minute if there is no activityWarning: session will be closed in 10 seconds if there is no activityIdle timeout exceeded: closing session

If you configure a timeout value, the session closes after the specified time has elapsed except if the user is running telnet or monitoring interfaces using the monitor interface or monitor traffic command.

Published: 2010-04-26