- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: FortiWiFi 60D units locking up
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiWiFi 60D units locking up
In the past months we upgraded a large number of FortiWiFi 60D units to 5.2.4 and started seeing issues with units locking up and not responding randomly. The only way to resolve is to unplug power and reboot.
We are seeing this on a number of units. We send out logs to FortiAnalyzer and we found that after this hard reboot logging to memory is again enabled. We contacted Fortinet Support and this is a known big to be fixed in 5.2.7. I am not entirely convinced that this setting is causing the lock ups. Logs indicate nothing and in fact some units have few to no logs prior to lock up. Seems to be very random in nature, but also appears to only when during normal business hours.
Anyone else having any similar issues or thoughts on this?
-M
- « Previous
- Next »
23 REPLIES 23
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Our company has around 100 60D's deployed with no lockup issues on 5.2.7. We've found if there are lockup issues they usually link back to IPS.
First we usually format the log disk.
diag sys top execute formatlogdisk , best thing to do is to optimize the settings. Like, reducing the session-ttl ( which is 3600 seconds may not be needed in most of the networks) and when can have increased session-ttl for specific protocols and ports if needed. Also, tweaking the below values (these are not default, they are recommended values):
config system global set tcp-halfclose-timer 30 set tcp-halfopen-timer 30 set tcp-timewait-timer 0 set udp-idle-timer 60 end Above techniques will help to optimize the performance of a device.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
That's great that that works for you, but we are seeing;
no response on the LAN side
no response at the console
EDIT: Misread. But have the exact same config across all our devices, and only a subset are experiencing this.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Shrew-
Looks like you and I are having very similar issues. 100s of devices with nearly identical configs and only SOME lock up. We have replaced units and they replacements exhibit the same behavior. Last TAC tech stated the unit was not upgraded following the appropriate upgrade path. They stated it is was upgraded from 5.0.6 to 5.2.4 and 5.0.10 was skipped. Unit arrived to our door from Ingram with 5.2.4 in January of 2016. That same day we received a few new 60D units. According to the TAC tech, they were all upgraded improperly BEFORE they were shipped to me.
I wiped one of the 60D units and loaded a clean install on it, deployed it and it has not locked up once.
I have about 15-20 units out in the field that are doing this, but since I upgraded them from 5.0.1 years ago to 5.2.7 myself, I know it was done right. However, I do not know if they were put on 5.0.1 correctly and possibly exhibiting behaviors from that. Seems unlikely that I would just now be seeing issues, but FortiGates have done stranger things.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have a pair of 900D's among other problems that the GUI crashes about every time I use it.
Back in April I started complaining about poor logging and GUI performance then we discovered a bug in the DoS GUI.
I got tired waiting for the bug fix on the DoS display (shows a blank screen) and opened a new case about the GUI locking up all of the time and forcing me to go to a different computer (IP address) to access the GUI.
It really said that Fortigate has all of these problems; its basically a nice product.
In retrospect it was a bad idea to purchase a newly released chassis as we did. The 900D was released just weeks before we purchased two of them. Should have stayed with the Cisco ASA's for a little while longer.
- « Previous
- Next »
Related Posts
- Can be FortiLink port used as... 21418 Views
- LACP support in 6.2.1 on 61e 6130 Views
- VXLAN over IPSEC site-to-site FortiOS 5.6.3... 1378 Views
- Fortiwifi 60E and SKY Fibre Broadband 8174 Views
- FortiWifi 92D locks up 2178 Views
Labels
-
FortiGate
6,457 -
FortiClient
1,290 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
411 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
68 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
DNS
11 -
Interface
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.