Fortigate 80C stopped, need help.

jerrynz · ‎02-04-2013

Hi there, I an newbie here. Just got a problem for 80C. It stopped working occasionally, nobody could go to internet. When I login it show on Dashboard that Registration unreachable. AntiVirus, IPS and Vulnerability Scan all failed. CPU usage was around 95% high. When click on CLI Console it shows Connected but with error: Cannot read termcap database, using dumb terminal setting. All log file are missing. When I tried to reboot it just hang. I have to disconnect the power and wait for a few minutes. after trun it on normally it works fine. Checked the log after restarting, it stopped logging anything sometime a few hours ago. It seems this more often since this January. I am not good at Fortigate and CLI. If you have any ideas about this issue I am glad to hear. Thank you. The screenshot is below.

Dave_Hall · ‎02-04-2013

Hi Jerry. Welcome to the forums. I have noticed you have vdoms enabled -- was that your doing and/or do you actually need vdom support on the Fortigate? That may be your problem right there.

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

jerrynz · ‎02-04-2013

Hi Dave, We do have two VDOMs for two different networks. It worked well for the last eight months. You think that' s the problem?

ede_pfau · ‎02-05-2013

No. I mean, you' ve got 2 obvious problems: high CPU usage and Fortiguard network not reachable. To check which process eats up your CPU cycles: - open the console - type ' diag sys top 10' - type ' P' - quit after a while, copy the text and post here FG network: - post your settings in System>Config>FortiGuard especially the closed section ' AntiVirus and IPS Options' - tell us how the FGT is connected to the internet (any intermediate routers? NAT?)

Ede

"Kernel panic: Aiee, killing interrupt handler!"

Matthijs · ‎02-05-2013

After a reboot try to run the following command on the cli: execute update-now (when running in vdom mode first type config global) if registration is still unreachable after a few minutes try to ping fortiguard: exec ping service.fortiguard.net

jerrynz · ‎02-06-2013

Thank you, Ede and Matt. I tried to connect to 80C https web interface this morning but cannot. It shows connection was reset. Internet seems work fine. I will try to restart it and then try those CLI command, when there are not too any users.

jerrynz · ‎02-06-2013

Hello Ede, The result for CLI command ' diag sys top 10' :

jerrynz · ‎02-06-2013

Screenshot for FortiGuard config:

jerrynz · ‎02-06-2013

It works well now. But there are some problems somewhere. I cannot access all logs now. It just hang when I click any log like traffic log, event log. the high CPU usage and unreachable Fortiguard only happen when users cannot connect internet.

Carl_Wallmark · ‎02-06-2013

My guess is that you have a corrupt filesystem, Do a backup of config. Do a fresh format of the flash, and upload same firmware. Restore the config.

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C