FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
rmehta
Staff
Article Id 364535
Description This article describes the FortiGate global connection table (session table), its typical size limits, and how to check session usage from the CLI.
Scope FortiGate
Solution

FortiGate has a Global Connection Table:

FortiGates maintain a global connection table, commonly referred to as the session table.

This table keeps track of all active sessions passing through the firewall, including TCP, UDP, ICMP, and other protocol-based connections. Each entry in the table represents a unique session that FortiGate monitors for stateful inspection and connection handling.


Entries possible in the Global Connection Table:

The maximum number of entries in the global connection table depends on the FortiGate model and its hardware specifications.


Here are typical session limits for various FortiGate models:

  • Entry-Level Models (e.g., FortiGate-40F): Up to 700,000 concurrent sessions.
  • Mid-Range Models (e.g., FortiGate-100F): 1 to 2 million concurrent sessions.
  • High-End Models (e.g., FortiGate-1500D, 3600E): Up to 10 million or more concurrent sessions.


Every record in the session table includes:

  • Session ID: Identifying code for the session.
  • Source/Destination IPs: Endpoints of the traffic within the session.
  • Source/Destination Ports: Ports used by each endpoint of the session.
  • Protocol: Type of the protocol used in the session (e.g. TCP, UDP, ICMP).
  • Policy ID: The identifying number of the firewall policy that matched the session.
  • State: The state of the session (for example ESTABLISHED, TIME_WAIT, or CLOSE_WAIT).
  • Timeout: The expiration timer for the session, i.e. how long the entry is kept while waiting for further traffic.
  • Bytes Sent/Received: Amount of data exchanged during the session.
  • NAT Details: Actual source and/or destination address to which the session is translated.


Check the session limit with the following CLI command:


get system performance status


This command shows real-time system performance, including the average and maximal session counts and session setup rates over the last 1, 10, and 30 minutes:


Example:


get system performance status
Average sessions: 3471 sessions in 1 minute, 3218 sessions in 10 minutes, 3078 sessions in 30 minutes
Maximal sessions: 3956 sessions in 1 minute, 3956 sessions in 10 minutes, 3956 sessions in 30 minutes
Average session setup rate: 81 sessions per second in last 1 minute, 70 sessions per second in last 10 minutes, 64 sessions per second in last 30 minutes
Maximal session setup rate: 182 sessions per second in last 1 minute, 182 sessions per second in last 10 minutes, 191 sessions per second in last 30 minutes 



Check the current session count on a FortiGate using the following CLI command:


diagnose sys session list | grep 'session'


This command lists the active sessions, one 'session info' line per session, and helps monitor how close the firewall is to its capacity.


Example:


session info: proto=6 proto_state=01 duration=10 expire=3599 timeout=3600 source=192.168.1.100:55344 destination=172.16.0.1:443
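As an added example (not from this article or from Fortinet), the following Python parses output shaped like the two CLI examples above and computes session-table utilization against the per-model limits quoted earlier. The sample output lines and the model-limit mapping are constructed from the figures on this page; check your own model's datasheet before relying on them.

```python
import re

# Typical per-model limits quoted above (constructed mapping; check the
# datasheet for your exact model before relying on these figures).
MODEL_SESSION_LIMITS = {"FortiGate-40F": 700_000, "FortiGate-100F": 2_000_000}

# Constructed sample output shaped like the two CLI examples on the page.
SAMPLE_PERF = """\
Average sessions: 3471 sessions in 1 minute, 3218 sessions in 10 minutes, 3078 sessions in 30 minutes
Maximal sessions: 3956 sessions in 1 minute, 3956 sessions in 10 minutes, 3956 sessions in 30 minutes
"""
SAMPLE_SESSIONS = """\
session info: proto=6 proto_state=01 duration=10 expire=3599 timeout=3600 source=192.168.1.100:55344 destination=172.16.0.1:443
session info: proto=6 proto_state=01 duration=120 expire=3480 timeout=3600 source=192.168.1.101:50000 destination=172.16.0.1:443
session info: proto=17 proto_state=00 duration=5 expire=175 timeout=180 source=192.168.1.102:40000 destination=10.0.0.53:53
"""

_KV = re.compile(r"(\w+)=(\S+)")

def parse_session_line(line):
    """Parse one 'session info:' line into a dict. source/destination become
    (ip, port) tuples; numeric counters become ints. Other lines -> None."""
    if not line.startswith("session info:"):
        return None
    fields = dict(_KV.findall(line))
    for key in ("source", "destination"):
        ip, _, port = fields[key].rpartition(":")  # rpartition keeps IPv6 intact
        fields[key] = (ip, int(port))
    for key in ("proto", "duration", "expire", "timeout"):
        fields[key] = int(fields[key])
    return fields

def parse_sessions(text):
    """All session entries in a 'diagnose sys session list' capture."""
    return [s for s in map(parse_session_line, text.splitlines()) if s]

def parse_performance_status(text):
    """1-minute average and maximal session counts from
    'get system performance status' output."""
    avg = re.search(r"Average sessions: (\d+) sessions in 1 minute", text)
    peak = re.search(r"Maximal sessions: (\d+) sessions in 1 minute", text)
    return int(avg.group(1)), int(peak.group(1))

def session_utilization(count, model):
    """Fraction of the model's session table in use; alert well before 1.0."""
    return count / MODEL_SESSION_LIMITS[model]
```

Feeding the peak value from `parse_performance_status` into `session_utilization` gives a single number to trend and alert on, so table exhaustion is noticed before new connections start being dropped.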


Summary:

  • FortiGates have a global connection table for tracking active sessions.
  • The maximum number of entries varies by model (e.g., 700,000 for 40F, millions for higher models).
  • Monitor session usage with CLI commands to ensure the firewall operates within capacity.