A forward session is established for packets transmitted from the user side to the network side. To prevent individual users from consuming excessive session table resources to cause failures to establish connections for other users, you can set a limit on the maximum number of user-to-network NAT sessions that can be established for a specific user.
If the number of established Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP) NAT sessions, or the total number of NAT sessions involving the same source IP address exceeds a configured threshold, a device stops establishing such sessions. The limit helps prevent resource overconsumption from resulting in a failure to establish connections for other users.
The system view is displayed.
The NAT instance view is displayed.
The user-based NAT session number limit function is enabled.
The maximum number of NAT sessions that can be established is set.
The configuration is committed.