[ATP/FLEX] How to Set Up Session Control on Nebula

Zyxel_Kevin
Zyxel_Kevin Posts: 196
Zyxel Certified Network Administrator - Security Zyxel Certified Sales Associate 5 Answers First Comment
 Master Member
edited June 30 in Other Topics

Session Control allows you to limit the number of concurrent NAT/Security Policy sessions a client can use.  It can prevent the gateway's bandwidth from being exhausted by some clients which use too many sessions at one time.

 

Set up Session Control

Firewall > Configure > Security policy > Session Control

UDP Session Time Out:

Set how many seconds the Nebula Device will allow a UDP session to remain idle (without UDP traffic) before closing it.

 

Session Per Host:

Use this field to set a common limit to the number of concurrent NAT/Security Policy sessions each client computer can have.

If only a few clients use peer to peer applications, you can raise this number to improve their performance. With heavy peer to peer application use, lower this number to ensure no single client uses too many of the available NAT sessions.

Test result

Firewall > Monitor > Event log

When the session of a single host reaches the threshold, the following message can be observed from the log.