Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MISLuke
New Contributor

CPU 100% with latest 5.2.0 firmware

Have anyone encountered their fortigate displaying 100% CPU on their system resources? Using a FGT 200B and upgrade recently with 5.2.0. was working fine until today then got this issue. Thought its IPS issue so restart the IPS engine but no help went into diag top 1 100 and found scanunid is using 96% of CPU. tried to kill this process ID but no help. any ideas? Polices have got virus scan (flow control), IPS and web filter running.
Luke Low
Luke Low
1 Solution
NeophyteHeaven
New Contributor II

The way i solved this is turn off Memory Logging and Archiving under Log & Report > Log Config > Log Settings.

View solution in original post

6 REPLIES 6
emnoc
Esteemed Contributor III

Yes I see 100% CPU spikes.when you try to kill the process does it die and restart?

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Fatih
New Contributor

diag sys kill 11 pid id or execute formatlogdisk
FCNSA / FCNSP
FCNSA / FCNSP
snobs
New Contributor II

Since I upgrade to 5.2/5.2.1 on my Fortigate 200B units, their CPUs are going to 100% every ~2 weeks and stay there. In that situation I cannot login via SSH, i.e. I can enter the user name and password. After pressing ENTER nothing happens, no CLI is shown). I can login to the webgui (From there I cannot login to the cli, same problem as mentioned before)  But after hitting reboot within the gui, nothing happens anymore. I´m loosing IP connectivity at all. The only way to get them working again, is to plug the power cable off and on.

 

I have 4 units with that problem. I only have basic NAT masquerading and some firewalls enabled, no IPS, nothing else. With FortiOS 4.3 I didn´t have those problems at all.

Of course I opened tickets at Fortigate support and gave them debug logs and configs. So far I haven´t received any reason for what is causing those high cpu usage. Currently logging to the devices is completely shutdown in order to see whether logging is the problem.

kloby
New Contributor

I also have problem on 200B after 5.2.0 update. The problem is "FortiGate has reached system connection limit for 1 seconds" messages but after looking logs for sessions it isn't even close to top of connection limit. With same configuration on 5.0.9 there was no problems at all.

norouzi
Contributor

I had the same problem in 5.2.0 but in 5.2.1 fortigate works better.

 

NeophyteHeaven
New Contributor II

The way i solved this is turn off Memory Logging and Archiving under Log & Report > Log Config > Log Settings.

Top Kudoed Authors