- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiGate FG-40F freeze (stitch:Security Rating Notification is triggered)
Dear Forti Support,
it has happened today again (twice in last two weeks), that our box stopped working without any obvious reason. Our box:
- FG-40F
- firmware v7.2.8 build1639
In the log there are lines (in this order):
- stitch:Security Rating Notification is triggered.
- The system has activated session fail mode
- Kernel enters memory conserve mode
- Kernel enters extreme low memory mode.
Both RAM and CPU got to >90%, network stopped working and we had to power it off & on again.
Regards
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How many devices (switches, APs) are you managing on that FortiGate? Seems like you may be hitting Bug ID 1057862 if there is an excessive amount of devices.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
only Forti device in our LAN is this box (both switches and APs are different brand)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
then your box is likely too small for the traffic passing through it. Follow the troublshooting steps and see what may cause the load (if there is a specific process overusing resources). This is a unit meant so serve small offices, with few devices.
https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-How-to-do-initial-troubleshooting-of...
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are pretty small company, so the traffic isn't big, the 40F looked as an appropriate choice. I've checked the posted link, made some little tweaks, learned how to monitor processes and now I have to wait when it happens again to know more.
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The best approach is to consult with a Fortinet Sales representative for correct estimates and sizing of the device to match your requirements, prior to a purchase. The benchmarking numbers in the datasheet may not accurately reflect the needs of a company.
For example (not a real accurate estimate): if your unit can handle 1GBps traffic per datasheet, but you want to add antivirus, this goes down to 500MBps. If one user also needs to use explicit proxy, this goes down to 100Mbps, and if you want to further add IPS, then you are left with 10Mbps or less for all the 5 users in your office.
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Team,
Please check if there any demons getting crashed by using the below command
Diagnose debug crashlog read
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
There is no option "read". I can type "get" instead, but then I get it as Base64 file, that I am not sure what to do with, or how to read that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
We need to type read manually.
Diagnose debug crashlog read
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the option exists. if you don't type the "?" or TAB, and instead you type the word "read" the command will work
- Toss a 'Like' to your fixxer, oh Valley of Plenty! and chose the solution, too00oo -