record reached max ression number

L2 Linker

record reached max ression number


Pls advise if we have CLI cmd that record the PA box  reached max session number till now ...So I can assess if it will reach our session limited .


Jeff Jin

L6 Presenter

Re: record reached max ression number

admin@PA-4020-merk(active-primary)> show session info
--------------------------------------------------------------------------------Number of sessions supported:                    2097134Number of active sessions:                       0Number of active TCP sessions:                   0Number of active UDP sessions:                   0Number of active ICMP sessions:                  0Number of active BCAST sessions:                 0Number of active MCAST sessions:                 0Number of active predict sessions:               0Session table utilization:                       0%Number of sessions created since bootup:         2409                                                     Packet rate:Throughput:                                      0 kbpsNew connection establish rate:                   0 cps--------------------------------------------------------------------------------

L6 Presenter

Re: record reached max ression number

Also, knowing max sessions supported, you could also do the following which will provide real time stats

admin@PA-4020-merk(active-primary)> show system statistics

    : 2 days 17 hours 13 mins 8 secPacket rate   

    : 0/sThroughput     

    : 0 KbpsTotal active sessions :

     0Active TCP sessions

   : 0Active UDP sessions 

   : 0Active ICMP sessions  : 0

L2 Linker

Re: record reached max ression number

I want to know max concurrent session reached in history . if have cli cmd


L6 Presenter

Re: record reached max ression number

I'm not aware of any commands in cli that would produce max sessions reached in a historical format. You could implement Cacti and utilize snmp to extract session utilization perhaps. Otherwise, you'd have to export tech support files and perhaps use pspad application to scour through the dp-monitor.log

L3 Networker

Re: record reached max ression number

4 years late, but you can get this info through ACC in 7.0 (sort one of the widgets by session and look at the graph) or through CLI:


show running resource-monitor


In the output, you will see session utilization within the last X timeframe, but indicated by percentage. 



Resource utilization (%) during last 13 weeks:

session (average):

  0   0   0   0   0 

session (maximum):

  1   1   0   0   0



To see what your maximum session supported count is on the firewall, you can issue this command:

admin@PA-200> show session info


Number of sessions supported:                    65534


You can roughly figure out the session usage through CLI by taking the percentage of the maximum supported session number. 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!