Why connections count of ASA is much more than PA's ?

Reply
Highlighted
L2 Linker

Why connections count of ASA is much more than PA's ?

Hi,

 

I use V-Wire between ASA and core switch.

I found the connections count of ASA is much more than PA's.

Does anyone know how to explain about this ?

 

Thanks.

 01.jpg

 

L7 Applicator

Re: Why connections count of ASA is much more than PA's ?

Someone can correct me if I remember this incorrectly, however the way the two devices report are different. I beleive the way the ASA reports is by rule hits while the PAN uses Sessions. So the ASA may have more than the PAN. I recall this when purchasing the current PAN's and trying to size them appropriatly.

 

 

L4 Transporter

Re: Why connections count of ASA is much more than PA's ?

funny, i usually experience the contrary

Community Manager

Re: Why connections count of ASA is much more than PA's ?

The asa may be counting the 'connections per second' while the PAN will show you 'number of concurrently active sessions'

 

for more details you can run '> show session info' from the CLI which may show you the packetrate may be closer to the details of the ASA:

 

 

> show session info
--------------------------------------------------------------------------------
Number of sessions supported:                    65534
Number of active sessions:                       20
Number of active TCP sessions:                   13
Number of active UDP sessions:                   7
Number of active ICMP sessions:                  0
Number of active BCAST sessions:                 0
Number of active MCAST sessions:                 0
Number of active predict sessions:               0
Session table utilization:                       0%
Number of sessions created since bootup:         1664505
Packet rate:                                     8/s
Throughput:                                      4 kbps
New connection establish rate:                   0 cps
--------------------------------------------------------------------------------

 


Help the community: Like helpful comments and mark solutions
Reaper out
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!