After an administrator provides appropriate credentials and successfully logs into a router, the router could become vulnerable to attack if the administrator walks away. To help prevent an unattended router from becoming a security weakness, a
10-minute inactivity timer is enabled
by default. However, Cisco recommends that inactivity timers be set to no more than
3 minutes. Fortunately, administrators can adjust the inactivity windows with the
exec-timeout minutes [seconds] command, issued in line configuration mode. Consider
Example, which shows setting the inactivity timer for the console, auxiliary, and vty lines to 2 minutes and 30 seconds.
Example:
Setting an Inactivity Timer
Router#
conf term
Router(config)#
line con 0
Router(config-line)#
exec-timeout 2 30
Router(config-line)#
exit
Router(config)#
line aux 0
Router(config-line)#
exec-timeout 2 30
Router(config-line)#
exit
Router(config)#
line vty 0 4
Router(config-line)#
exec-timeout 2 30
NOTE Although it
isn’t recommended, you can disable the inactivity timer by entering a
0 for both the minutes and seconds arguments in the
exec-timeout command (that is,
exec-timeout 0 0).
See Also:
bi
Oos
No comments:
Post a Comment