Configure session table aging time of the firewall on an AR router

Background information
A router creates session tables for data flows that pass the firewall over TCP, UDP, or ICMP. The session tables record connection status of the protocols. If packets do not hit a record within the aging time (the aging time expires), corresponding session entry is deleted. To modify the aging time of a protocol, configure the session table aging time of the firewall.
Operation procedure
Run the system-view command to access the system view.
Run the firewall-nat session { dns | ftp | ftp-data | http | icmp | tcp | tcp-proxy | udp | sip | sip-media | rtsp | rtsp-media | pptp | pptp-data } aging-time time-value command to configure the session table aging time of the firewall.
By default, the aging time of different protocols is as follows: DNS (120s), FTP (120s), FTP-data (120s), HTTP (120s), ICMP (20s), TCP (600s), TCP-proxy (10s), UDP (120s), SIP (1800s), SIP-media (120s), RTSP (60s), RTSP-media (120s), PPTP (600s), and PPTP-data (600s).
You are advised to use the default aging time.
Check the configuration result.
Run the display firewall-nat session aging-time command to check information about the session table aging time.
Note: The AR510 series routers do not support the keywords SIP and SIP-media.

Scroll to top