Hot!Fortigate 80C stopped, need help.

Author
jerrynz
New Member
  • Total Posts : 7
  • Scores: 0
  • Reward points: 0
  • Joined: 2013/02/04 12:07:52
  • Status: offline
2013/02/04 12:22:13 (permalink)
0

Fortigate 80C stopped, need help.

Hi there,

I an newbie here. Just got a problem for 80C.

It stopped working occasionally, nobody could go to internet. When I login it show on Dashboard that Registration unreachable. AntiVirus, IPS and Vulnerability Scan all failed. CPU usage was around 95% high. When click on CLI Console it shows Connected but with error: Cannot read termcap database, using dumb terminal setting.

All log file are missing. When I tried to reboot it just hang. I have to disconnect the power and wait for a few minutes. after trun it on normally it works fine. Checked the log after restarting, it stopped logging anything sometime a few hours ago.

It seems this more often since this January. I am not good at Fortigate and CLI. If you have any ideas about this issue I am glad to hear. Thank you.




The screenshot is below.




< Message edited by jerrynz -- 2/4/2013 12:32:38 PM >

Attached Image(s)

#1

11 Replies Related Threads

    Dave Hall
    Expert Member
    • Total Posts : 1724
    • Scores: 176
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/04 13:21:08 (permalink)
    0
    Hi Jerry.

    Welcome to the forums.

    I have noticed you have vdoms enabled -- was that your doing and/or do you actually need vdom support on the Fortigate? That may be your problem right there.
    < Message edited by Dave Hall -- 2/4/2013 1:36:55 PM >
    #2
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/04 13:34:42 (permalink)
    0
    Hi Dave,


    We do have two VDOMs for two different networks. It worked well for the last eight months.

    You think that' s the problem?
    #3
    ede_pfau
    Expert Member
    • Total Posts : 6383
    • Scores: 547
    • Reward points: 0
    • Joined: 2004/03/09 01:20:18
    • Location: Heidelberg, Germany
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/05 00:06:24 (permalink)
    0
    No. I mean, you' ve got 2 obvious problems: high CPU usage and Fortiguard network not reachable.

    To check which process eats up your CPU cycles:
    - open the console
    - type ' diag sys top 10'
    - type ' P'
    - quit after a while, copy the text and post here

    FG network:
    - post your settings in System>Config>FortiGuard
    especially the closed section ' AntiVirus and IPS Options'
    - tell us how the FGT is connected to the internet (any intermediate routers? NAT?)


    Ede

    " Kernel panic: Aiee, killing interrupt handler!"
    #4
    Matthijs
    Gold Member
    • Total Posts : 342
    • Scores: 15
    • Reward points: 0
    • Joined: 2010/05/26 04:58:32
    • Location: Aalsmeer, The Netherlands
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/05 00:28:52 (permalink)
    0
    After a reboot try to run the following command on the cli:

    execute update-now

    (when running in vdom mode first type config global)

    if registration is still unreachable after a few minutes try to ping fortiguard:

    exec ping service.fortiguard.net

    --------------
    FCNSA
    FCNSP
    FCESP
    #5
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/06 13:24:26 (permalink)
    0
    Thank you, Ede and Matt.

    I tried to connect to 80C https web interface this morning but cannot. It shows connection was reset. Internet seems work fine. I will try to restart it and then try those CLI command, when there are not too any users.
    #6
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help.q 2013/02/06 16:56:26 (permalink)
    0
    Hello Ede,

    The result for CLI command ' diag sys top 10' :



    Attached Image(s)

    #7
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/06 16:57:22 (permalink)
    0
    Screenshot for FortiGuard config:



    Attached Image(s)

    #8
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/06 17:03:46 (permalink)
    0
    It works well now.

    But there are some problems somewhere. I cannot access all logs now. It just hang when I click any log like traffic log, event log.

    the high CPU usage and unreachable Fortiguard only happen when users cannot connect internet.
    #9
    Selective
    Expert Member
    • Total Posts : 2744
    • Scores: 119
    • Reward points: 0
    • Joined: 2007/07/03 10:44:56
    • Location: Gothenburg - Sweden
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/06 22:51:09 (permalink)
    0
    My guess is that you have a corrupt filesystem,

    Do a backup of config.
    Do a fresh format of the flash, and upload same firmware.
    Restore the config.

    FCNSA, FCNSP
    ---
    FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
    FortiAnalyzer 100B, 100C
    FortiMail 100,100C
    FortiManager VM
    FortiAuthenticator VM
    FortiToken
    FortiAP 220B/221B, 11C
    #10
    jerrynz
    New Member
    • Total Posts : 7
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/02/04 12:07:52
    • Status: offline
    RE: Fortigate 80C stopped, need help. 2013/02/11 15:58:07 (permalink)
    0
    Thank you all for your help.

    I tried rebuild sql database on Saturday but failed. I tried to format log disk and this seems fix the issue.

    Till now it works very well.

    < Message edited by jerrynz -- 2/11/2013 3:58:42 PM >
    #11
    edwinbaloyi
    New Member
    • Total Posts : 3
    • Scores: 0
    • Reward points: 0
    • Joined: 2020/05/21 03:29:38
    • Status: offline
    Re: Fortigate 80C stopped, need help. 2020/05/27 01:20:10 (permalink)
    0
    Thank you,
     
    I have the same issue with a fortigate VM64, but i think my problems all relate to a UDP DoS attack which i had only set to detect and not block on the DoS policies due to the policy blocking legitimate traffic.
     
    Regards
    Edwin Baloyi
    #12
    Jump to:
    © 2020 APG vNext Commercial Version 5.5