DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
Maximum sessions reached
- prospects
- Topic Author
- Offline
- Junior Member
-
17 May 2011 12:05 #1
by prospects
Maximum sessions reached was created by prospects
I've had a quick look for this and cannot see it but apologies if it has been asked and I missed it...
We have just upgraded one of our 2820 routers from 3.3.3 to 3.3.5.2 and have started to experience a problem whereby the router refuses to allow Internet access and comes up with a message that reads:
You have reached the maximum number of permitted Internet sessions.
Please close one or more applications to allow furthur Internet access.
Contact your system administrator for further information.
Looking at the router it shows approx 40 NAT sessions active but the firewall shows 14984/15000 sessions in the 'Session Control' box which is obviously the problem. There are about 30 people onsite plus a couple of servers so what could be causing this problem?
The upper limit of sessions appears to be 15000 and that should be plenty but I keep hitting it - a reboot clears the sessions but within an hour they are back over 6000 and keep rising reaching 15000 after about 3 hours.
The PCs are all virus scanned regularly and *appear* to be clean although that is a possibility I suppose but is there anything else that could cause this problem? 3.3.3 on the same site with the same router was no issue, the problem only started when we went to 3.3.5.2
We have just upgraded one of our 2820 routers from 3.3.3 to 3.3.5.2 and have started to experience a problem whereby the router refuses to allow Internet access and comes up with a message that reads:
Please close one or more applications to allow furthur Internet access.
Contact your system administrator for further information.
Looking at the router it shows approx 40 NAT sessions active but the firewall shows 14984/15000 sessions in the 'Session Control' box which is obviously the problem. There are about 30 people onsite plus a couple of servers so what could be causing this problem?
The upper limit of sessions appears to be 15000 and that should be plenty but I keep hitting it - a reboot clears the sessions but within an hour they are back over 6000 and keep rising reaching 15000 after about 3 hours.
The PCs are all virus scanned regularly and *appear* to be clean although that is a possibility I suppose but is there anything else that could cause this problem? 3.3.3 on the same site with the same router was no issue, the problem only started when we went to 3.3.5.2
Please Log in or Create an account to join the conversation.
- nealuk
- User
-
- prospects
- Topic Author
- Offline
- Junior Member
-
17 May 2011 13:08 #3
by prospects
Replied by prospects on topic Re: Maximum sessions reached
Thanks for the suggestions, I'll have a look and let you know if I can spot the problem.
Edit: Bandwidth Management >> Session Limit shows disabled, I can enable it but I'll perhaps leave that one for later when I am on site so I can be sure no examinations are taking place. Diagnostics >> Data Flow Monitor shows a current session of 153 with a peak of 1352 but the Firewall >> General Setup > Sessions Control shows 14982
I've installed Wireshark to look for any unusual activity, if and when I have an answer I'll be sure to post it
Edit: Bandwidth Management >> Session Limit shows disabled, I can enable it but I'll perhaps leave that one for later when I am on site so I can be sure no examinations are taking place. Diagnostics >> Data Flow Monitor shows a current session of 153 with a peak of 1352 but the Firewall >> General Setup > Sessions Control shows 14982
I've installed Wireshark to look for any unusual activity, if and when I have an answer I'll be sure to post it
Please Log in or Create an account to join the conversation.
- gruffle
- Offline
- Junior Member
-
- nealuk
- User
-
- prospects
- Topic Author
- Offline
- Junior Member
-
17 May 2011 16:17 #6
by prospects
Replied by prospects on topic Re: Maximum sessions reached
The Draytek syslog is pretty good - but we don't have a syslog server so I need to stick a USB in each router and I don't get to some of the sites all that often
At the moment I've resorted to setting the session timeout to 5 minutes on the Firewall>> General Setup>> Advance Setting page, that seems to keep the sessions to 2000 or less and nobody has complained which is always a good sign.
I would guess that the numbers reported in Diagnostics >> Data Flow Monitor match those in Diagnostics >> Nat Session Table but neither is anywhere near the numbers I was seeing earlier in Firewall >> General Setup >> Session Control, the reported current shows as 164 against a peak of 1321 but for much of the day the firewall setup was showing 149xx against a max of 15000 and the users were getting the error.
Hopefully this has resolved it, we have another router that has been upgraded to 3.3.5.2, that one does not have the same issue but I'll hold fire on the others until I know if changing the session timeout is a good fix
At the moment I've resorted to setting the session timeout to 5 minutes on the Firewall>> General Setup>> Advance Setting page, that seems to keep the sessions to 2000 or less and nobody has complained which is always a good sign.
I would guess that the numbers reported in Diagnostics >> Data Flow Monitor match those in Diagnostics >> Nat Session Table but neither is anywhere near the numbers I was seeing earlier in Firewall >> General Setup >> Session Control, the reported current shows as 164 against a peak of 1321 but for much of the day the firewall setup was showing 149xx against a max of 15000 and the users were getting the error.
Hopefully this has resolved it, we have another router that has been upgraded to 3.3.5.2, that one does not have the same issue but I'll hold fire on the others until I know if changing the session timeout is a good fix
Please Log in or Create an account to join the conversation.