Juniper ScreenOS – Clearing Idle CLI Sessions
An idle CLI session can cause many problems including:
ScreenOS-> get config | inc “Untrust”
^—-Pipe command cannot be run concurrently. Being used by user:xxxxxxx(ID:97).
Check the number of CLI sessions:
ScreenOS-> get console
Console timeout: 0(minute), Page size: 24/24, debug: buffer
privilege 250, config was changed and not saved!, default save prompt on exit/reset: yes
ID State Duration Task Type Host
0 Login 531 ssh-cmd:32 SSH 192.168.1.99:15810
1 Login 59893 ssh-cmd:30 SSH 192.168.1.99:34082
2 Login 69430 ssh-cmd:29 SSH 192.168.1.99:25778
3 Logout 0 aux-cmd Local
4 Logout 0 savecfg Local
5 Logout 0 cmd Local
Check the TCP connections:
ScreenOS-> get socket
Socket Type State Remote IP Port Local IP Port
0 tcp4/6 listen :: 0 :: 80
1 tcp4/6 listen :: 0 :: 443
2 tcp4/6 listen :: 0 :: 23
4 tcp listen 0.0.0.0 0 0.0.0.0 12521
86 tcp4/6 listen :: 0 :: 22
440 tcp open 192.168.1.99 25778 172.16.1.50 22
441 tcp open 192.168.1.99 34082 172.16.1.50 22
443 tcp open 192.168.1.99 15810 172.16.1.50 22
2048 udp4/6 open :: 0 :: 500
2049 udp4/6 open :: 0 :: 4500
2050 udp4/6 open :: 0 :: 500
2051 udp4/6 open :: 0 :: 4500
2052 udp4/6 open :: 0 :: 123
2053 udp open 0.0.0.0 0 0.0.0.0 161
2054 udp open 0.0.0.0 0 0.0.0.0 0
Raw IP sockets:
Socket Type Remote IP Local IP Protocol
2304 raw 0.0.0.0 0.0.0.0 01h
2306 raw 0.0.0.0 0.0.0.0 01h
Raw packet sockets:
Socket Type Remote Mac Local Mac Protocol
2305 eth 000000000000 000000000000 0806h
ScreenOS->
Clear the sessions:
ScreenOS-> clear admin ?
all clear all active admins
lock clear the lock for admins
name active admin’s login name
ScreenOS-> clear admin all
ADM: All sessions (2) have been cleared.
ScreenOS->
