Meaning of content in a session table

A session table example is displayed as follows:
ID: a48f3648905d02c0553591da1 //Indicates the session ID.
zone: dmz -> trust //The first packet of the session is from the DMZ (source zone) to the Trust zone (destination zone).
ttl: 00:20:00 left: 00:19:43 //ttl indicates the aging time of the session table, and left indicates the remaining time for aging.
Interface: E1 Nexthop: 10.0.0.145 Mac: 00-00-5e-00-01-0f //Indicates the outbound interface, next-hop IP address, and MAC address of the first packet of the session.
<-- packets:686 bytes:50264 --> packets:500 bytes:40828 //<-- indicates the number of bytes and packets in the inbound direction of the session. --> indicates the number of bytes and packets in the outbound direction or within the zone.
121.14.74.21:14000<--10.252.204.111:16503 //<-- indicates that the first packet of the session is in inbound direction. --> indicates that the first packet of the session is in outbound direction or the same zone.
In session packet statistics, the arrow points the packet direction.
1. The following 10 packets are collected in the direction from 172.16.10.1 to 172.16.0.96.
udp VPN: public -> public
Zone: trust -> untrust TTL: 00:02:00 Left: 00:01:59
Interface: G2/0/1 Nexthop: 172.16.0.96 MAC: 00-00-00-00-00-00
<-- packets:0 bytes:0 --> packets:10 bytes:5636
172.16.10.1:1517-->172.16.0.96:1231
2. The following five packets are collected in the direction from 172.16.1.26 to 172.16.10.22.
udp VPN: public -> public
Zone: untrust -> trust TTL: 00:02:00 Left: 00:02:00
Interface: G2/0/0 Nexthop: 172.16.10.22 MAC: 00-00-00-00-00-00
<-- packets:5 bytes:7930 --> packets:0 bytes:0
172.16.10.22:1517<--172.16.1.26:48988

Other related questions:
Meaning of the license file content
Session table query on a firewall
If you have more questions, you can seek help from following ways:
To iKnow To Live Chat To Google
Scroll to top