Session States and Types

Session States and Types

106251
Created On 09/25/18 20:40 PM - Last Modified 06/13/23 02:59 AM


Resolution


Here is more information on the different Session States and Types.

 

Session States:

 

Session StateStable / TransientDetails
InitStableSession stays in free pool, initial state or is freed and returned to free pool
OpeningTransientSession is allocated from free pool and has yet to be installed into flow lookup table and ager
ActiveStableSession is in flow lookup table and packet matched this flow will be inspected and forwarded
DiscardStableSession is in flow lookup table but set to state DISCARD due to deny rule in security policy, or detected threat, packet matched will be discarded
ClosingTransientSession is set to be expired immediately but has not been removed from aging process nor removed from flow lookup table, packet matched will disregard the match and enqueue to create new session
ClosedTransientSession is expired and removed from aging process, but not from flow lookup table.packet matched will disregard the match and enqueue to create new session
FreeTransientSession has been removed from aging process and flow lookup table, but not returned to free pool

 

Session Types:

 

• Predict
   - Sessions for which Application Layer Gateway (ALG) is required.
   - Packets matching predict sessions will be then converted to normal Flow session.
   - Often will have source or destination IP/port as zero as that information may not be known yet.

 

• Flow
   - Normal C2S and S2C sessions.
   - Certain applications with dynamic TCP/UDP ports may create Predict sessions. (such as ftp, sip/h323, bittorrent, and skype)

owner: mbutt



Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000Clk9CAC&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language