@alex_c wrote:
I also posted this question on the Cisco forum, and got a reply stating that they are not the same thing.
I find that interesting, considering they call that a connection table..
@alex_c wrote:
However, you stated that a session is defined by bi-directional traffic between 2 hosts, and inside a session we can have many connections (one-way traffic between hosts).
And in the connection table of SRX, when we see the output of 'show security flow session' we see the established sessions or the connections?
There are two connections to each session. Each connection is considered a wing (two wings to fly).
When you look at the output of show security flow session, you see the session the SRX has created. Now the SRX creates a bi-directional session for each connection attempt (assuming it's permitted by policy, has a route, permitted by screens, etc).
So if server A initiates a connection to server B, assuming the firewall allows it, the SRX will populate the session table with two entries.
A IP address/port -> B IP address/port
B IP address/port -> A IP address/port
This is why you see two entries in the session table.
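
The two-wing behaviour described in the reply above, as an added example that is not part of the original thread and is not Junos code: a simplified model of a stateful session table in which one permitted connection attempt installs a forward and a reverse entry that both point at the same session. The class names, the `policy` callable (a stand-in for the policy, route and screen checks) and the addresses are assumptions made up for the illustration.

```python
from dataclasses import dataclass
from itertools import count

@dataclass(frozen=True)
class Wing:
    """One direction of traffic: the lookup key for a packet."""
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str

    def reverse(self):
        return Wing(self.dst_ip, self.dst_port, self.src_ip, self.src_port, self.proto)

@dataclass
class Session:
    sid: int
    forward: Wing   # initiator -> responder
    reverse: Wing   # responder -> initiator

class SessionTable:
    def __init__(self, policy):
        self.policy = policy      # hypothetical: callable(Wing) -> bool
        self.by_wing = {}         # both wings map to the same Session object
        self._ids = count(1)

    def handle_packet(self, src_ip, src_port, dst_ip, dst_port, proto="tcp"):
        """Return (session, state); state is new, forward, reverse or dropped."""
        key = Wing(src_ip, src_port, dst_ip, dst_port, proto)
        if key in self.by_wing:               # existing session: no policy lookup
            s = self.by_wing[key]
            return s, ("forward" if key == s.forward else "reverse")
        if not self.policy(key):              # first packet must be permitted
            return None, "dropped"
        s = Session(next(self._ids), key, key.reverse())
        self.by_wing[s.forward] = s           # A -> B entry
        self.by_wing[s.reverse] = s           # B -> A entry
        return s, "new"

def demo():
    # Constructed sample traffic: A = 10.0.0.10, B = 192.0.2.20, only port 443 allowed.
    table = SessionTable(policy=lambda w: w.dst_port == 443)
    a, b = ("10.0.0.10", 51000), ("192.0.2.20", 443)
    first = table.handle_packet(*a, *b)                    # A initiates to B
    reply = table.handle_packet(*b, *a)                    # B answers A
    unsolicited = table.handle_packet(*b, "10.0.0.10", 22) # B tries a new flow to A
    return table, first, reply, unsolicited
```

The reply from B is accepted because it matches the reverse wing of the session A created, while B's unrelated attempt to reach A on port 22 matches no wing and is evaluated (and dropped) as a new connection.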