Fortinet Crash - 7.4.7

bhoot960 · ‎03-13-2025

Recently upgraded my firewall fleet (about 15 60f's, 2 100f's)

We're experiencing a crash of some sort every 2-4 days.

Of course a ticket has been opened and they're working it, albeit very very slowly. Pretty disappointed in their lack of urgency and overall continued lack of code quality.

The crash debug logs from the console session has:

NP6XLITE: __np6xlite_tunmgr_write:61 timeout

Not sure if anyone has seen this or knows anything about this issue ---- we're experiencing a high impact when this crash occurs, of course.

10.0.0.0.1 192.168.1.254

AEK · ‎03-15-2025

As a troubleshooting step you may try disable the np6xlite processors for a couple of days just to see the behavior.

https://docs.fortinet.com/document/fortigate/7.4.7/hardware-acceleration/246096

Do it for every processor id.

This may add load to your CPU, so you need to monitor your CPU while the NP processors are disabled.

AEK

SChundandavida · ‎03-17-2025

We are also experiencing the similar issues, every 2-3 days the active primary gets restarted ever since upgrade to 7.4.7.

the last reboot reason shows as power cycle

system events in the device shows "Fortigate had experienced an unexpected power off!"
Comlog log says as below (https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-use-the-COMLog-feature/ta-p/195390)
Kernel panic - not syncing: Fatal exception in interrupt
Rebooting in 5 seconds..

Kangming · ‎03-17-2025

Customer Facing Description	`High CPU peak issue after upgrading to versions higher than the following ones: 7.0.16, 7.0.17, 7.2.11, 7.4.6 or 7.4.7`
Workaround	`To disable IPsec phase1 npu-offload during the maintenance window FW1 #config vpn ipsec phase1-interface FW1 (phase1-interface) # edit <Phase1 Name> FW1 # set npu-offload disable FW1# end`
Trigger Condition	`np6xlite(soc4), np6lite(soc3) and np7lite(soc5) can all be affected.`

Thanks

Kangming

Fortinet Crash - 7.4.7

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website