Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
leif
New Contributor II

High CPU Usage - appDemo process

Hi. I recently replaced a FGT 200E (running 5.6.x) with a FGT 201F (6.2.x) where I lightly modified the configuration.

The new firewall (201F running 6.2.7) now shows high cpu usage on one alternating core. 

CLI and diagnose sys top shows

Run Time: 0 days, 12 hours and 39 minutes 3U, 0N, 9S, 88I, 0WA, 0HI, 0SI, 0ST; 7979T, 3990F appDemo 169 S < 99.8 0.8

 

So in other words the process appDemo uses 99,8% cpu. 

 

I've tried to identify the appDemo process and the purpose of it without luck. It's not listed here: https://kb.fortinet.com/kb/documentLink.do?externalID=FD40822

 

Any clues on how to process further here?

 

Thanks.

5 REPLIES 5
Pak_8
New Contributor

I'm experiencing the exact same problem, on a FGT 200F 6.2.7.

Did you solve your problem? I can't seem to find anything about that process.

Thanks

leif
New Contributor II

Hi. I'm waiting on Fortinet to create a new firmware. Seems to be a bug. 

 

Its possible to disable FSSO polling and or change the ports that fsso uses

config system fsso-polling set listening-port <8400>

 

config user fsso set port <8400>

Referance: https://docs.fortinet.com...20/system-fsso-polling https://docs.fortinet.com/document/fortigate/6.2.1/cli-reference/410620/user-fsso

 

and then do a reboot on the fortigate fw. 

 

Might help.

Pak_8
New Contributor

Thanks for your answer.

So is it somehow related to the FSSO? Does it come from your personal experience or did u get an official answer from Fortinet? Thank you very much.

rdumitrescu
New Contributor III

Some weeks ago, we have opened a ticket to Fortinet support and we had got the same answer: change the FSSO polling agent port.

The issue seems be related to a driver that they're using in the F series. There should be a fix in the next releases but for now we have to stick with the workaroud.

toxicshot
New Contributor

Here are some more specific instructions (specifically for DC Agent mode) having run through this several times now (we are running the 601F in HA).

1. Change the port that FSSO uses on the FortiGate side - this is a per collector configuration.

config user fsso

edit <name of collector>

set port 8400

2. Set the listening port on the collector to match (as seen in the image below)

 

toxicshot_0-1671200904280.png

3. Reboot the firewall or both firewalls (if in HA) to see the changes to the CPU.

 

 

Labels
Top Kudoed Authors