Meaning of content in a session table


A session table example is displayed as follows:
ID: a48f3648905d02c0553591da1 //Indicates the session ID.
zone: dmz -> trust //The first packet of the session is from the DMZ (source zone) to the Trust zone (destination zone).
ttl: 00:20:00 left: 00:19:43 //ttl indicates the aging time of the session table, and left indicates the remaining time for aging.
Interface: E1 Nexthop: 10.0.0.145 Mac: 00-00-5e-00-01-0f //Indicates the outbound interface, next-hop IP address, and MAC address of the first packet of the session.
<-- packets:686 bytes:50264 --> packets:500 bytes:40828 //<-- indicates the number of bytes and packets in the inbound direction of the session. --> indicates the number of bytes and packets in the outbound direction or within the zone.
121.14.74.21:14000<--10.252.204.111:16503 //<-- indicates that the first packet of the session is in inbound direction. --> indicates that the first packet of the session is in outbound direction or the same zone.
In session packet statistics, the arrow points in the direction in which the packets travel.
1. The following 10 packets are collected in the direction from 172.16.10.1 to 172.16.0.96.
udp VPN: public -> public
Zone: trust -> untrust TTL: 00:02:00 Left: 00:01:59
Interface: G2/0/1 Nexthop: 172.16.0.96 MAC: 00-00-00-00-00-00
<-- packets:0 bytes:0 --> packets:10 bytes:5636
172.16.10.1:1517-->172.16.0.96:1231
2. The following five packets are collected in the direction from 172.16.1.26 to 172.16.10.22.
udp VPN: public -> public
Zone: untrust -> trust TTL: 00:02:00 Left: 00:02:00
Interface: G2/0/0 Nexthop: 172.16.10.22 MAC: 00-00-00-00-00-00
<-- packets:5 bytes:7930 --> packets:0 bytes:0
172.16.10.22:1517<--172.16.1.26:48988
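
The following Python parser is an added example, not Huawei code. It reads entries in the layout of examples 1 and 2 above, resolves the source and destination of the first packet from the arrow, and lists sessions that carry traffic in only one direction. The dictionary keys and function names are assumptions made for this example, and it expects raw output without the trailing // annotations.

```python
import re

# Sample entries copied from numbered examples 1 and 2 on this page.
SAMPLE = """\
udp VPN: public -> public
Zone: trust -> untrust TTL: 00:02:00 Left: 00:01:59
Interface: G2/0/1 Nexthop: 172.16.0.96 MAC: 00-00-00-00-00-00
<-- packets:0 bytes:0 --> packets:10 bytes:5636
172.16.10.1:1517-->172.16.0.96:1231
udp VPN: public -> public
Zone: untrust -> trust TTL: 00:02:00 Left: 00:02:00
Interface: G2/0/0 Nexthop: 172.16.10.22 MAC: 00-00-00-00-00-00
<-- packets:5 bytes:7930 --> packets:0 bytes:0
172.16.10.22:1517<--172.16.1.26:48988
"""

ZONE = re.compile(r"Zone:\s*(\S+)\s*->\s*(\S+)\s+TTL:\s*(\S+)\s+Left:\s*(\S+)", re.I)
COUNT = re.compile(r"<--\s*packets:(\d+)\s+bytes:(\d+)\s+-->\s*packets:(\d+)\s+bytes:(\d+)")
FLOW = re.compile(r"^(\S+?):(\d+)(-->|<--)(\S+?):(\d+)$")

def parse_sessions(text):
    """Return one dict per session; the address line closes each entry."""
    sessions, cur = [], {}
    for line in (l.strip() for l in text.splitlines()):
        if m := ZONE.search(line):
            cur.update(src_zone=m[1], dst_zone=m[2], ttl=m[3], left=m[4])
        elif m := COUNT.search(line):
            cur.update(in_pkts=int(m[1]), in_bytes=int(m[2]),
                       out_pkts=int(m[3]), out_bytes=int(m[4]))
        elif m := FLOW.match(line):
            lhs, rhs = (m[1], int(m[2])), (m[4], int(m[5]))
            # "-->": first packet travels left to right (outbound or same zone).
            # "<--": first packet travels right to left (inbound).
            cur["src"], cur["dst"] = (lhs, rhs) if m[3] == "-->" else (rhs, lhs)
            cur["first_dir"] = "outbound" if m[3] == "-->" else "inbound"
            sessions.append(cur)
            cur = {}
    return sessions

def one_way(sessions):
    """Sessions with packets counted in exactly one direction."""
    return [s for s in sessions
            if (s.get("in_pkts", 0) == 0) != (s.get("out_pkts", 0) == 0)]

if __name__ == "__main__":
    for s in one_way(parse_sessions(SAMPLE)):
        print(s["src"], "->", s["dst"], s["src_zone"], "->", s["dst_zone"])
```

Both sample entries are reported as one-way, which matches the counters shown in examples 1 and 2.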

Other related questions:
Meaning of the license file content
The license file content has the following meaning:
Product: product name
Feature: controlled function or feature
Esn: ESN, case-sensitive
Attrib: validity of a license file
Resource: maximum number of resources available for a controlled function or feature

Session table query on a firewall
You can query the session table on the web UI and CLI. For the USG6000 series, on the web UI, choose Monitor > Session Table to query the session table and NAT detailed information. For the USG2000&5000 series, on the web UI, choose Firewall > Monitor > Session Table to query the session table. For the USG2000&5000 and USG6000 series, you can run the display firewall session table command to view the session table, or run the display firewall session table nat command to view the NAT session table.

Methods used to clear the session table of the USG6000 series
Run the reset firewall session table command to clear the session table. You can run the reset firewall ipv6 session command to clear the IPv6 session table.

Query of session information of a specific protocol
For the USG2000&5000 and USG6000 series, you can run the display firewall session table [ verbose ] protocol protocol-name command to view session information about a specific protocol. The protocol can be TCP, UDP, or ICMP.

Methods used to clear the session table of the USG2000&5000 series
Run the reset firewall session table command to clear the session table. You can run the reset firewall ipv6 session command to clear the IPv6 session table.
