Hi. I recently replaced a FGT 200E (running 5.6.x) with a FGT 201F (6.2.x) where I lightly modified the configuration.
The new firewall (201F running 6.2.7) now shows high cpu usage on one alternating core.
CLI and diagnose sys top shows
Run Time: 0 days, 12 hours and 39 minutes
3U, 0N, 9S, 88I, 0WA, 0HI, 0SI, 0ST; 7979T, 3990F
appDemo 169 S < 99.8 0.8
So in other words the process appDemo uses 99,8% cpu.
I've tried to identify the appDemo process and the purpose of it without luck. It's not listed here: https://kb.fortinet.com/kb/documentLink.do?externalID=FD40822
Any clues on how to process further here?
I'm experiencing the exact same problem, on a FGT 200F 6.2.7.
Did you solve your problem? I can't seem to find anything about that process.
Hi. I'm waiting on Fortinet to create a new firmware. Seems to be a bug.
Its possible to disable FSSO polling and or change the ports that fsso uses
config system fsso-polling
set listening-port <8400>
config user fsso
set port <8400>
and then do a reboot on the fortigate fw.
Thanks for your answer.
So is it somehow related to the FSSO? Does it come from your personal experience or did u get an official answer from Fortinet?
Thank you very much.
Some weeks ago, we have opened a ticket to Fortinet support and we had got the same answer: change the FSSO polling agent port.
The issue seems be related to a driver that they're using in the F series. There should be a fix in the next releases but for now we have to stick with the workaroud.
Here are some more specific instructions (specifically for DC Agent mode) having run through this several times now (we are running the 601F in HA).
1. Change the port that FSSO uses on the FortiGate side - this is a per collector configuration.
config user fsso
edit <name of collector>
set port 8400
2. Set the listening port on the collector to match (as seen in the image below)
3. Reboot the firewall or both firewalls (if in HA) to see the changes to the CPU.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.