Sessions limit reached and causing internet disruption

rookierunner Posts: 11
edited April 14 in Security
I have had my ZyWall 110 since August and things have been great until just a couple of weeks ago. I am starting to experience outages and when I look at the log files, I see the below repeated hundreds of times...
     warn                sessions-limit         ACCESS BLOCK                                    
     Maximum sessions per host (1000) was exceeded. [count=2]

After a couple of minutes, the messages disappear and everything works again.  Then minutes or days later it happens again.  Has anyone else experienced this? How do I troubleshoot and fix the issue?

  • jonatan
    jonatan Posts: 64  Ally Member
    Uncheck Enable Session Limit or set default Session per Host to 0.

  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,008  Zyxel Employee
    Thanks for the information, @jonatan.

    Please follow jonatan's direction and check it.
  • A few questions first...
    1. What does the session limit do?  My guess is something security related since it is located under the security control section.
    2. Why is it enabled by default?
    3. What do I lose by disabling it?
  • Zyxel_Charlie
    Zyxel_Charlie Posts: 1,008  Zyxel Employee

    1. This function is used to limit the number of concurrent sessions each host can have.
    2. Enabled by default: to limit users from consuming too many network resources. Normal network use should not run over 1000 (the default session limitation value) concurrent sessions, supposedly.
    3. Users may run applications that will fork multiple sessions (e.g. torrent) and consume the bandwidth. 

  • I understand that this limits the number of concurrent sessions.  My question is why would I want to limit the number of sessions per host?  If it is to limit applications that fork multiple sessions, is there an easy way to identify those applications that do this?
  • Jeremylin
    Jeremylin Posts: 163  Master Member
    The HELP option on the device shows that accessing the Zyxel Device or network resources through the Zyxel Device requires a NAT session and a corresponding Security Policy session. Therefore, I think if numerous sessions are created without limitation, the performance of the device may be affected.
    Also, the device can only detect which service is being used by which user on the session monitor page.
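
An added example, not from any poster in this thread and not Zyxel code: one way to find which host is approaching the 1000-session limit and what it is talking to, given a session table copied off the device. The CSV columns (`src_ip,dst_ip,dst_port,proto`), the 80% warning ratio and the sample data are assumptions made for the illustration, not the device's export format.

```python
import csv
import io
from collections import Counter, defaultdict

SESSION_LIMIT = 1000  # default per-host limit quoted in the thread's log line


def load_sessions(text):
    """Parse the assumed CSV columns: src_ip,dst_ip,dst_port,proto."""
    return list(csv.DictReader(io.StringIO(text)))


def hosts_near_limit(rows, limit=SESSION_LIMIT, warn_ratio=0.8):
    """Return hosts at or above warn_ratio * limit, busiest first."""
    by_host = defaultdict(list)
    for row in rows:
        by_host[row["src_ip"]].append(row)
    report = []
    for host, sessions in by_host.items():
        if len(sessions) < limit * warn_ratio:
            continue
        ports = Counter(f'{s["proto"]}/{s["dst_port"]}' for s in sessions)
        report.append({
            "host": host,
            "sessions": len(sessions),
            "over_limit": len(sessions) > limit,
            # Many distinct peers points at fan-out traffic such as P2P.
            "distinct_peers": len({s["dst_ip"] for s in sessions}),
            "top_ports": ports.most_common(3),
        })
    return sorted(report, key=lambda r: r["sessions"], reverse=True)


def build_sample():
    """Constructed data: one quiet host, one host fanning out to many peers."""
    lines = ["src_ip,dst_ip,dst_port,proto"]
    lines += [f"192.168.1.20,203.0.113.{i % 5 + 1},443,tcp" for i in range(40)]
    lines += [f"192.168.1.50,198.51.100.{i % 250 + 1},{6881 + i % 3},udp"
              for i in range(1100)]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for entry in hosts_near_limit(load_sessions(build_sample())):
        print(entry)
```

A host that shows up here with hundreds of distinct peers on a small set of ports is the one to inspect before raising or disabling the limit.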
