Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I've noticed something funky since 6.0.0 and it's continued into 6.0.1: When in the Fortiview section looking through Web Sites, Sources, Applications, etc. the results will display when I browse through the different areas, but eventually it starts displaying No Results Found no matter what time-frame I choose (now, 5min, 1hr, 24hrs) or what category I go into (Sources, Destinations, Applications, Websites). I usually have to log out and log back in to look through it, and then it eventually happens again. What's odd is I get a notification in the upper right hand portion of the toolbar where it displays whether you're viewing log data from the local device or from the Forticloud - it turns into an amber triangle with an exclamation mark.
I've verified this happens on multiple 140Ds and a 200 using both Edge and Chrome (fully updated/patched). It's gotta be something simple that I borked up in the config, but it's super frustrating.
Yet another conserve mode event today. This is only a small office so something is def not right. I've been working all day and the memory widget shows memory usage creeping up from midday in a steady slope. Suggests a memory leak to me.
I had three outages of my fortigate last week and today I had two of those events.
Only a restart helped.
I couldnt get any output over serial console in case of this event.
NSE 4/5/7
Another outage today with only IOT stuff connected so no 'big usage'. This time I had the brains to try and find out what is doing it...turns out it is the WAD process. I do not use caching, explicit proxy etc etc.
Conserve mode WAD 40% After clearing sessions WAD back to 1%
Hope this helps somebody or points them in the right direction.
rkhair wrote:
Having issues with Windows updates sites being blocked by AV.. anyone seeing this also? It flags it as a virus but had no name.. started since 6.0.1 , reverted our lab to 5.6 and was back to normal.. comes up in AV monitor and forward log..
SMabille,
Did you make any progress on this issue?
I have a case open for it with support- but so far no obvious sign of resolution and they can't reproduce it (at least on simple test).
Just wondered how you were getting on- maybe I could add any of your findings to the ticket if you dont have one open yourself?
Kind Regards,
Andy.
SMabille wrote:Hi,
Confirmed, except not only UDP. I got 50Gb of ping reported in last 24 hours, so ICMP affected too.
HTTP+HTTPS (TCP) reporting about 80Gb of traffic for last 24Hrs while "real" total amount (as per ISP stats) is about 20Gb.
So looks like all protocol affected.
Wondering if traffic is counted as number of packets*mtu, which would explain why some protocols looks more affected than others.
Andy Bailey wrote:
Hello all, I’ve upgraded a 60E to 6.0.1. Since the update the FortiView “Bytes (Sent/ Received)” counters seem to have gone wrong. For example I have one Rasberry Pi which is indicating over 817GB sent during a 24 hour period (normally it would send perhaps 5 GB and it’s config and status haven’t changed). Other devices seem to be reporting similarly high data volumes, while others look relatively normal. The Raspberry Pi is sending mainly UDP packets so it’s possible it’s just UDP traffic volumes not being recorded correctly. The high data volumes are also being reported through to FortiCloud and FortiAnalyzer. However, the figures being reported can’t be correct. The VDSL service I use has 1000 GB per month cap. And the ISP is reporting “normal” useage of around 10 GB per day. Nothing like the FortiGate reported values. Anyone else seeing this? Anyone got any ideas of what I should check? Thanks in advance, Andy.
Hi Andy,
I didn't really pursue the issue (haven't opened a ticket). I think since my post I upgraded to FortiAnalyzer 6.0.1 but no improvement.
Andy Bailey wrote:SMabille,
Did you make any progress on this issue?
I have a case open for it with support- but so far no obvious sign of resolution and they can't reproduce it (at least on simple test).
Just wondered how you were getting on- maybe I could add any of your findings to the ticket if you dont have one open yourself?
Kind Regards,
Andy.
SMabille wrote:Hi,
Confirmed, except not only UDP. I got 50Gb of ping reported in last 24 hours, so ICMP affected too.
HTTP+HTTPS (TCP) reporting about 80Gb of traffic for last 24Hrs while "real" total amount (as per ISP stats) is about 20Gb.
So looks like all protocol affected.
Wondering if traffic is counted as number of packets*mtu, which would explain why some protocols looks more affected than others.
Andy Bailey wrote:
Hello all, I’ve upgraded a 60E to 6.0.1. Since the update the FortiView “Bytes (Sent/ Received)” counters seem to have gone wrong. For example I have one Rasberry Pi which is indicating over 817GB sent during a 24 hour period (normally it would send perhaps 5 GB and it’s config and status haven’t changed). Other devices seem to be reporting similarly high data volumes, while others look relatively normal. The Raspberry Pi is sending mainly UDP packets so it’s possible it’s just UDP traffic volumes not being recorded correctly. The high data volumes are also being reported through to FortiCloud and FortiAnalyzer. However, the figures being reported can’t be correct. The VDSL service I use has 1000 GB per month cap. And the ISP is reporting “normal” useage of around 10 GB per day. Nothing like the FortiGate reported values. Anyone else seeing this? Anyone got any ideas of what I should check? Thanks in advance, Andy.
Dominic Lange wrote:Installed it on 2 separate 50E with SD-WAN. Both crashed after a while without console output. Not pingable and nothing in the crash-log. LEDs still blinking but is not reacting to console input.
First box had Interfaces and VPN Tunnels in SD-Wan and had some Performance SLA and it dies after 5-10 Minutes. Deleting Performance SLA could raise the time to die to about 1-3 hours.
Second box which has only 2 WAN as SD-WAN interfaces and only ping Performance SLAs dies after about 24 hours.
Had the same issue with 3 50E-s, one standalone and two in HA pair, with and without SD-WAN. They were just stalling after 1-3 hours. Had to downgrade to 5.6.5, needless to say it erased config and I had to restore it from backup in remote site.
Does anybody Knows the differences in the Certification of NS4 between 5.6 and 6.0
From what i see looks the same trainning material with minor differences in number of pages ?
I m preparing for NS4 5.6 version
thanks
--------------------------------------------
If all else fails, use the force !
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
227 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.