[ATP/FLEX] How to Set Up Session Control on Nebula

Options
Zyxel_Kevin
Zyxel_Kevin Posts: 755  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer
edited June 2023 in Other Topics

Session Control allows you to limit the number of concurrent NAT/Security Policy sessions a client can use.  It can prevent the gateway's bandwidth from being exhausted by some clients which use too many sessions at one time.

 

Set up Session Control

Configure > Firewall > Security policy > Session Control

UDP Session Time Out:

Set how many seconds the Nebula Device will allow a UDP session to remain idle (without UDP traffic) before closing it.

 

Session Per Host:

Use this field to set a common limit to the number of concurrent NAT/Security Policy sessions each client computer can have.

If only a few clients use peer to peer applications, you can raise this number to improve their performance. With heavy peer to peer application use, lower this number to ensure no single client uses too many of the available NAT sessions.

Test result

Monitor Firewall > Event log

When the session of a single host reaches the threshold, the following message can be observed from the log.