A reverse session is established for packets transmitted from the network side to the user side. To prevent individual users from consuming excessive session resources to cause failures to establish connections for other users, you can set a limit on the maximum number of network-to-user NAT sessions that can be established for a specific user.
If the number of established Transmission Control Protocol (TCP), User Datagram Protocol (UDP), Internet Control Message Protocol (ICMP) NAT sessions, or the total number of NAT sessions involving the same destination IP address exceeds a configured threshold, a device stops establishing such sessions. The limit helps prevent resource overconsumption from resulting in a failure to establish connections for other users.
The system view is displayed.
The NAT instance view is displayed.
The device is enabled to monitor the number of established user-specific network-to-user NAT sessions.
The maximum number of network-to-user NAT sessions that can be established is set.
The configuration is committed.