VinayHM
Staff
Article Id 269332
Description: This article describes how to optimize memory by using session timers.
Scope: FortiGate.
Solution

Session timer optimizations:

  1. tcp-halfclose-timer: Applies to the half-closed state, where the server has sent a FIN.
  2. tcp-halfopen-timer: Applies to the half-open state, where the client has sent a SYN and is waiting for the SYN/ACK from the server.
  3. tcp-timewait-timer: Applies to the TIME-WAIT state, where the application waits for the opened socket to close.

 

config system global
    set tcp-halfclose-timer 30           [ default 120 s ]
    set tcp-halfopen-timer 5            [ default 10 s ]
    set tcp-timewait-timer 0            [ default 1 s ]
end

 

config system session-ttl
    set default 300                      [ default 3600 s ]
end

 

With reduced session timers, the device removes cached sessions sooner, which frees up memory.
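To confirm which of these timers a device actually has tuned, the following added example (not part of the original article or any Fortinet tooling) parses a configuration backup and compares the four settings against the defaults and tuned values listed above. The function names and the sample backup are constructed for illustration, and the script assumes that a setting absent from the backup is still at its default.

```python
TIMERS = {  # (section, setting): (default, tuned), values as listed in the article
    ("system global", "tcp-halfclose-timer"): (120, 30),
    ("system global", "tcp-halfopen-timer"): (10, 5),
    ("system global", "tcp-timewait-timer"): (1, 0),
    ("system session-ttl", "default"): (3600, 300),
}

# Constructed sample backup, not taken from a real device.
SAMPLE_BACKUP = """\
config system global
    set tcp-halfclose-timer 30
    set tcp-halfopen-timer 5
end
config system session-ttl
    set default 300
    config port
        edit 1
            set protocol 6
            set timeout 7200
            set start-port 22
            set end-port 22
        next
    end
end
"""

def parse_settings(config_text):
    """Return {(section, setting): value} for 'set' lines directly inside a top-level block."""
    settings, stack = {}, []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])   # entering a (possibly nested) block
        elif line == "end" and stack:
            stack.pop()                           # leaving the innermost block
        elif line.startswith("set ") and len(stack) == 1:
            parts = line.split(None, 2)
            if len(parts) == 3:
                settings[(stack[0], parts[1])] = parts[2]
    return settings

def audit(config_text):
    """Map each timer to (effective value in seconds, 'tuned' | 'default' | 'other')."""
    found, report = parse_settings(config_text), {}
    for (section, name), (default, tuned) in TIMERS.items():
        # Assumption: a setting absent from the backup is at its default.
        value = int(found.get((section, name), default))
        status = "tuned" if value == tuned else "default" if value == default else "other"
        report[f"{section} / {name}"] = (value, status)
    return report
```

Calling `audit(SAMPLE_BACKUP)` reports tcp-timewait-timer as still at its default of 1 s, because the sample never sets it; the nested per-port `set timeout` is ignored rather than mistaken for a global timer.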