CPU Usage 99%

Thanks for the answer... I do what you said and i get this..... Run Time: 60 days, 18 hours and 52 minutes 35U, 64S, 0I; 123T, 35F, 31KF miglogd 28 R 13.4 4.4 newcli 7795 R 0.3 4.1 ipsengine 449 S < 0.1 11.8 httpsd 5083 S 0.1 9.4 haproxy 56 S 0.1 3.5 httpsd 4967 S 0.0 8.0 cmdbsvr 15 S 0.0 7.6 thttp 7545 S 0.0 6.4 httpsd 7794 S 0.0 5.7 httpsd 30 S 0.0 5.7 scanunitd 7729 S < 0.0 5.5 scanunitd 7728 S < 0.0 4.5 merged_daemons 35 S 0.0 4.1 imd 6959 S 0.0 4.1 updated 48 S 0.0 4.1 newcli 7790 S 0.0 4.0 nsm 21 S 0.0 3.8 smtp 37 S 0.0 3.7 pop3 38 S 0.0 3.6 ftpd 45 S 0.0 3.6 What can i do now? Thanks again-....

There are 70 current sessions. And we have 27 users. The extrange thing is that the fgt was working perfect until last week that i saw the following mesage: 2009-01-02 12:17:47 Fortigate has reached connection limit for 476 seconds 2009-01-02 12:09:42 Fortigate has reached connection limit for 542 seconds 2009-01-02 12:00:31 Fortigate has reached connection limit for 541 seconds 2009-01-02 11:51:20 Fortigate has reached connection limit for 417 seconds 2009-01-02 11:44:12 Fortigate has reached connection limit for 317 seconds And today the cpu usage in 99%.. Thank Maik

try the following guidelines: http://kc.forticare.com/default.asp?id=1076&SID=&Lang=1

P768 thanks for the answer... I do all that but cpu usage now is 92% and memory usage is 66%... i don' t know what else i can do

Hi, I have a Fortigate 50a , the problem is that is showing 99 % CPU usage. Why is this happening? I have this ... Firmware Version Fortigate-50A 3.00-b0668(MR6 Patch 2)

Hello, Assuming your box is right sized for your network (a big " if" ) there' re some posts above a bug in certain IPS engine < 1.097 for MR6 patch2 that could be triggering this behaviour: could you post the output of CLI command, please?: " get system fortiguard-service status"

rwpatterson i did that several times anda the values goes from 92% to 99%. Abelio, here is what you asked me NAME VERSION LAST UPDATE METHOD EXPIRE AV Engine 3.003 2008-01-09 21:26:00 manual 2009-06-27 03:00:00 Virus Definitions 9.894 2009-01-05 02:16:00 manual 2009-06-27 03:00:00 Attack Definitions 2.581 2008-12-24 06:13:00 manual 2009-06-27 03:00:00 IPS Attack Engine 1.097 2008-08-22 22:05:00 manual 2009-06-27 03:00:00 Thank you both!!!!

This is what i get Fortigate-50A # diag sys top Run Time: 0 days, 1 hours and 4 minutes 35U, 63S, 0I; 123T, 39F, 33KF miglogd 28 R 98.6 4.1 newcli 196 R 1.9 4.1 ipsengine 47 S < 0.0 11.6 httpsd 61 S 0.0 7.6 thttp 40 S 0.0 7.5 cmdbsvr 15 S 0.0 7.5 httpsd 58 S 0.0 6.9 httpsd 169 S 0.0 6.0 httpsd 30 S 0.0 5.7 scanunitd 60 S < 0.0 4.8 scanunitd 32 S < 0.0 4.5 merged_daemons 36 S 0.0 4.1 newcli 186 S 0.0 4.0 updated 48 S 0.0 3.9 nsm 21 S 0.0 3.8 smtp 34 S 0.0 3.7 imd 45 S 0.0 3.6 nsmon 55 S 0.0 3.5 haproxy 54 S 0.0 3.5 fgfmd 56 S 0.0 3.5 Thanks!!

Thanks both!! I do what Abelio said and.... nothing. I reboot the box and the cpu usage goes between 86% and 99%

I agree with abelio --> It is " best practice" to stay current with the patch releases for the MR (Major Release) that you are running on the Fortigate as the patch releases will " fix" bugs that have been reported in earlier releases. As you are running an earlier release of MR6, upgrade to the latest patch release and test to see if the issue persists.

About the FortiOS diagnose sys top CLI command http://kc.forticare.com/default.asp?id=3825&SID=&Lang=1 FGT# diag sys top 1 -->will list the process that is consuming CPU/Memory at the top of the output so that you can quickly identify the ' culprit' .