Welcome to

Welcome to!

This site was created as a place to share stories, tips, and troubleshooting help with ShoreTel/Mitel systems. ShoreTel/Mitel is obviously the MOST exciting VoiP platform on the market right now, and we realized there was no centralized place to discuss this platform, but now there is. Please feel free to join and share your experiences.

Please Note: This site IS NOT owned, funded, or managed by ShoreTel/Mitel, Inc. although you may find ShoreTel/Mitel employees sharing there experiences and expertise. If you would like more information on ShoreTel/Mitel systems, contact BTX at [email protected]

As always please support the advertisers that help support our site.

Thank You,
See more
See less
  • Filter
  • Time
  • Show
Clear All
new posts

  • Juniper Netscreen 5GT Session Overflow

    We have had Shoretel between two of our offices for the past 2 years. On location has the Director and Shoretel VM server for the two sites. At each site we had a Netscreen 5GT router that handled the VPN.

    Two weeks ago we changed our network a bit. Our ISP is now handling our VPN (a MPLS network). We have the following routes in our Netscreens pointing to our ISPs router. -> (trust) -> (trust)
    The immediate problem we had after doing so is that both Netscreens are having Session Overflow problems. I have download a program that can read the session dump and it shows that 85% of all of the session requests have a destination of the Director/VM Server.

    I am getting the following errors on the netscreen. To clear the sessions, I have to telnet into each router and issue a CLEAR SESSION command. The 5GT has a max of 2000 sessions and we have never had a problem staying well underneath that.
    [00005] 2008-12-02 13:07:45 [Root]system-critical-00051: Session utilization has reached 1857, which is 90% of the system capacity!
    In one office we have a L2 so we can't place a route in there, in the other office we have a L3 switch that I have also added the route to.

    Anyone want to take a stab at why this is happening.

  • #2
    the Netscreen, rather than just doing an icmp redirect is tracking the sessions. Can you change the default gateway on the dhcp server to the other router?



    • #3
      The only traffic that should be going across this new route is traffic that will be traveling between offices, so I wouldn't want to change my default gateway to our ISPs interface for the VPN.


      • #4

        I saw use the "opportunity" to get a better firewall.......

        Watchguard x750 maybe?