NetVanta 1550-48P running NV1550A-R11-10-7 firmware. Every time I log into the web management, I input the username and password and the next page displays a white page, "Too many sessions allocated", and I need to telnet in and reboot the switch. Anyone else have this issue before?
The Adtran device only allows a limited number of web sessions at one time. Two possibilities:
One is that your web server is open to the Internet and random attackers are connecting and attempting to brute-force guess passwords. You can lock this down as follows:
1. Create an access list including just your trusted management networks.
ip access-list standard admin-access-list
 permit [network] [inverse mask]
 permit [network] [inverse mask]
...
2. Apply this access list to router administration.
http ip access-class admin-access-list in
http ip secure-access-class admin-access-list in
line telnet 0 4
 ip access-class admin-access-list in
line ssh 0 4
 ip access-class admin-access-list in
3. If you have SNMP enabled on the device, lock it down similarly.
The other is that you have many legitimate web sessions open and the web server is blocking further new connections. This can be controlled as follows:
There's a command to limit the number of active sessions from none to 100. The default is 100 so unless someone has changed it this isn't likely the problem. Syntax is as follows:
http session-limit [0 to 100]
Also, set a timeout so that abandoned sessions close within a reasonable time. Syntax, with the number specifying seconds:
http session-timeout [10 to 86400]
The default is 600 seconds, or ten minutes with no activity, which should usually be OK.
My best guess is that the web interface is open to the world and someone or several someones are trying to guess passwords.
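Added example, not part of the original post and not Adtran code: a small offline check that reads a saved configuration and reports which management planes (HTTP, HTTPS, telnet, SSH) have no access-class applied, or one that points at an access list with no permit entries. It assumes the saved text uses the same command forms shown in the answer above and "!" as a section separator; the sample config and the audit() helper are constructed for illustration.

```python
import re

# Constructed sample (not from a real device). Assumes the command forms
# shown in the answer above and "!" as a section separator.
SAMPLE_CONFIG = """\
ip access-list standard admin-access-list
 permit 192.0.2.0 0.0.0.255
!
http ip access-class admin-access-list in
!
line telnet 0 4
 ip access-class admin-access-list in
!
line ssh 0 4
"""

def audit(config_text):
    """Return a sorted list of findings about unrestricted management access."""
    acls = {}       # access list name -> number of permit entries
    applied = {}    # management plane -> access list applied inbound
    section = None  # ("acl", name) or ("line", "telnet" / "ssh")
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "!":
            section = None
            continue
        if m := re.fullmatch(r"ip access-list standard (\S+)", line):
            section = ("acl", m.group(1))
            acls.setdefault(m.group(1), 0)
        elif m := re.fullmatch(r"line (telnet|ssh) \d+ \d+", line):
            section = ("line", m.group(1))
        elif m := re.fullmatch(r"http ip (secure-)?access-class (\S+) in", line):
            applied["https" if m.group(1) else "http"] = m.group(2)
        elif section and section[0] == "acl" and line.startswith("permit "):
            acls[section[1]] += 1
        elif section and section[0] == "line":
            if m := re.fullmatch(r"ip access-class (\S+) in", line):
                applied[section[1]] = m.group(1)
    findings = []
    for plane in ("http", "https", "telnet", "ssh"):
        acl = applied.get(plane)
        if acl is None:
            findings.append(f"{plane}: no access-class applied")
        elif acls.get(acl, 0) == 0:
            findings.append(f"{plane}: access-class {acl} has no permit entries")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

On the constructed sample this flags HTTPS and SSH, the two planes where the access list was never applied.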
We are using the 1550 as a switch only, no routing and it's on a private network, no access to the outside world. I am going to try to adjust the session-limit and session timeout and see if that helps.
Thanks for suggestions.