1. absolute timeout
2. idle timeout
3. Verify extends absolute timeout by Physical Equipment Cisco ISR 1841 15.0

IOS 15.8(3)M2

Topology 42bc1e5c-e081-4f89-82d4-4ea181c272c6 ip prefix-list lab

1. CML-P 2.0 Lab: routing-concepts.ip prefix-list.42bc1e5c.yaml · master · CCIE Enterprise Infrastructure v1.0 / labs · GitLab
2. Topology diagram: topologies.vsdx · master · CCIE Enterprise Infrastructure v1.0 / My Documents · GitLab

configure terminal
!
access-list 101 permit tcp any host 10.1.2.2 eq telnet
access-list 101 dynamic MARKET timeout 3 permit ip 172.16.0.0 0.0.255.255 192.168.0.0 0.0.255.255
access-list 101 permit eigrp any any
!
! telnet session established again, extends absolute timeout +6 miniutes.
access-list dynamic-extended
!
username john password ccie1234
username fred password ccie5678
username john autocommand access-enable host timeout 1
username fred autocommand access-enable host timeout 2
!
line vyt 0 15
 login local
!
interface GigabitEthernet 0/1
 ip access-group 101 in
!
end

ping 192.168.0.3 source Lo0
ping 192.168.0.3 source Lo1
telnet 10.1.2.2 /source-interface Lo0
ping 192.168.0.3 source Lo0
ping 192.168.0.3 source Lo1
telnet 10.1.2.2 /source-interface Lo1
ping 192.168.0.3 source Lo1

show access-lists

If

access-list dynamic-extended

enabled, telnet again

! First authentication by fred
telnet 10.1.2.2 /source-interface Lo0
! Second authentication by fred
telnet 10.1.2.2 /source-interface Lo0

extends 6 minutes

% List#101-MARKET absolute timer is extended

but absolute timeout not extended…. why…

Needs physical equipment lab?

R1 Console Log

R2 Console Log

1. Lock and Key（ダイナミックACL）- コンフィグ設定
2. Cisco: telnet