Wired Intelligent Edge

 View Only
last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Expand all | Collapse all

Telnet/SSH idle timeout problem

This thread has been viewed 16 times
  • 1.  Telnet/SSH idle timeout problem

    Posted Apr 25, 2022 10:52 AM
    Greetings, this is my first post here. We use OpenVAS to run vulnerability scans on 2930F access switches and a 3810M Core switch. The problem is that the OpenVAS would fill all the sessions without terminating any of them. We would have to manually go and kill the sessions with a console connection. I added the console idle-timeout 60 and it did kick me out in 1 minute but the next time the vulnerability scan was ran, the same happen again. 

    I don't know if that is the correct command or there is a bug on the firmware. 

    Thanks in advance for the help.

    Edgar Murray

  • 2.  RE: Telnet/SSH idle timeout problem

    Posted Jul 22, 2022 09:52 AM
    I'm having this same issue. Did you find a resolution?

  • 3.  RE: Telnet/SSH idle timeout problem

    Posted Jul 25, 2022 10:13 AM
    Make an exception to not scan the switch from OpenVAS.

    You could also open a support case to find out in which state OpenVAS leaves the session, and if there is a command to change the behavior on the switch. What may be happening is that OpenVAS does not login, but leaves the SSH (or telnet) session open. If it is telnet traffic, disable telnet on the switch, which you should do anyway for security hardening.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check https://www.arubanetworks.com/support-services/contact-support/ for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.