Overview of User Interfaces
When a user logs in to a switch through CLI, the system assigns a user interface to manage and monitor the session between the switch and user. Each user interface has a user interface view, where you can set parameters, such as the authentication mode and user level. Users logging in through the user interface are restricted by these parameters. Through the parameter configuration, uniform management of various user sessions can be implemented.
- Console user interface: manages and monitors users who log in through the console port. A switch provides the EIA/TIA-232 DCE console port. The serial port of a user terminal can be directly connected to the console port of the switch for local access. The console user interface is also used to manage and monitor users who log in through the mini USB port.
- Virtual type terminal (VTY) user interface: manages and monitors users who log in using VTY. A VTY connection is set up when a user uses Telnet or STelnet to log in to a switch. Currently, a switch supports concurrent access of a maximum of 15 VTY users.
- LTT: User logs in stack system through the non-master switch console port and the command configuration is not supported.
- WEB: Users who log in through Web system and the command configuration is not supported.
Relationship Between a User and a User Interface
User interfaces are used to manage and monitor users who have logged in to the switch using a specific method. Although a user interface can only be used by one user at a time, the user interface is not specific to the user.
When a user logs in, the system allocates the idle user interface with the smallest number to the user based on the user's login mode. The login process is restricted by the configuration in the user interface view. For example, when user A logs in through the console port, the login process depends on the configuration in the console user interface view; however, when user A logs in through VTY 1, the login process depends on the configuration in the VTY 1 user interface view. If a user logs in to a switch using different methods, the user will be allocated different user interfaces. If a user logs in to a switch at different time, the user may be allocated different user interfaces.
- When the maximum number of VTY user interfaces is set to 0, users (including Telnet and SSH users) cannot log in to the device through the VTY user interface, and web users cannot log in to the device through the web system.
- If the configured maximum number is less than the current maximum number of online users, the system forces users who do not pass the authentication and occupy the VTY channel for longer than 15 seconds to log out. New users can log in to the device through the VTY user interface.
- If the configured maximum number is greater than the current maximum number of online users, you need to configure an authentication mode for additional user interfaces.
- In the case of device login through a VTY channel, to avoid the access failure that occurs when the number of VTY connections exceeds the upper threshold, you can perform the following operations to check and configure the maximum number of VTY users who can log in to the device:
- Run the display user-interface maximum-vty command to check the maximum number of VTY users that are supported.
- Run the display user-interface command to check user interface information. The plus sign (+) indicates an occupied channel. If all channels are occupied, subsequent users cannot log in to the device. If an online user logs out, the user may fail to log in again when its channel is occupied by another user. In this case, run the user-interface maximum-vty number command to configure the maximum number of users who are allowed to log in.
If there are two consecutive occurrences in which the switch does not respond to commands on a VTY user interface for a prolonged period of time, the VTY user interface is locked. In this case, users can log in through another VTY user interface. The locked VTY user interface will become unlocked after the switch is restarted.
User Interface Numbering
User interfaces are numbered in either of the following modes:
Relative numbering
The numbering format is: user interface type + number.
This mode uniquely specifies a user interface or a group of user interfaces of the same type. Relative numbering adheres to the following rules:
Console user interface numbering: CON 0. When a user logs in to a stack system through the standby switch console port, LTT 0 is displayed on the user interface.
VTY user interface numbering: The first VTY user interface is VTY 0, the second VTY user interface is VTY 1, and so on.
Absolute numbering
This mode uniquely specifies a user interface or a group of user interfaces. You can run the display user-interface command to view user interfaces and their absolute numbers supported by a switch.
Each switch supports only one console user interface and 20 VTY user interfaces. You can run the user-interface maximum-vty command in the system view to set the maximum number of VTY user interfaces. The default value is 5. By default, user interfaces numbered VTY 16 to VTY 20 are reserved by the system and are not affected by the user-interface maximum-vty command.
Table 1 lists the default absolute numbers of the console and VTY user interfaces.
User Interface |
Description |
Absolute Number |
Relative Number |
|---|---|---|---|
Console user interface |
Manages and controls users who log in to a switch through the console port or mini USB port. |
0 |
0 |
VTY user interface |
Manages and controls users who log in to a switch using Telnet or STelnet. |
34 to 48, 50 to 54. Number 49 is reserved. Numbers 50 to 54 are reserved for the network management system. |
The first VTY user interface is VTY 0, the second VTY user interface is VTY 1, and so on. By default, VTYs 0 to 4 are available.
VTY 15 is reserved. VTYs 16 to 20 are reserved for the network management system. VTYs 16 to 20 can be used only when VTYs 0 to 14 are occupied and AAA authentication is configured. |
Authentication Modes and User Levels for User Interfaces
For details about authentication modes and user levels for user interfaces, see Overview of Authentication Modes and User Levels.