Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jtfinley
Contributor

Created on ‎10-30-2010 03:38 PM

Random reboots

My Fortigate WIFI 60B, latest build (v4.0,build0291,100824 (MR2 Patch 2)) is randomly rebooting. I can' t see a cause for it other than this little blurb in the Event Log. 317 2010-10-30 17:49:00 information dhcp 26001 Client requests IP address/configuration parameters 318 2010-10-30 17:49:00 information system 20001 authentication Client 00:23:12:0b:2d:6b does WPA 319 2010-10-30 17:49:00 information system 20001 associate Accepted association from 00:23:12:0b:2d:6b 320 2010-10-30 17:48:55 information admin 32006 Fortigate started 321 2010-10-30 17:48:55 notice admin 32401 init add Administrator daemon_admin added an application control list WoW-Choke from init 322 2010-10-30 17:48:55 notice admin 32401 init add Administrator daemon_admin added an application control list monitor-p2p-and-media from init 323 2010-10-30 17:48:55 notice admin 32401 init add Administrator daemon_admin added an application control list block-p2p from init 324 2010-10-30 17:48:55 notice admin 32401 init add Administrator daemon_admin added an application control list monitor-all from init 325 2010-10-30 17:48:55 notice admin 32120 init add Administrator daemon_admin added an address all from init
7338
0 Kudos
20 REPLIES 20
jmac
New Contributor

Created on ‎10-31-2010 10:32 AM

No help, but a possible trend. I support a FortiGate-60B running 4.2.2 which after upgrading to that release started randomly restarting once every 2 to 10 days. Fortinet RMA' d the unit and I have just determined the replacement is doing the same. Seems like something in the 4.2.2 firmware may be at fault. I' m hesitant to go back to 4.2.1 as there were essential bug fixes in 4.2.2 which were needed for that site, and the 4.2 general release solved a different issue. Examining the logs prior to the restart do not indicate anything abnormal. The unit has a UTM bundle subscription and uses AV, IPS, and Application Control services. Users are authenticated via FSAE (latest version). The restart time-of-day and duration between restarts does not reflect a pattern and doesn' t point to any obvious contributing factors. I have a FortiWiFi-60B in my office running 4.2.2 which has not experienced the problem. The primary difference for my office unit is it has much lower traffic volume and the service subscription expired recently so it is no longer receiving AV/IPS updates. To see if the update process might be contributing to the issue, I have now made a change on the restarting unit to disable push updates and set scheduled updates to once a day at a set time I can use for comparison.
3630
0 Kudos
jtfinley
Contributor
In response to jmac

Created on ‎10-31-2010 11:46 AM

Interesting. I once experienced (2) reboots in a 10 minute period, but can go for a few days. I work wireless, so out of no where, I' ll see my wireless signal drop and DHCP query. I' ll get reports the Internet is down until it boots. I don' t see anything abnormal similar to your findings. I have it update AV signatures every hour.
3630
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎11-01-2010 08:22 AM

Crashes indicate either a software bug (zero pointer reference) or a 100% memory consumption. This can be caused by a faulty process, a memory leak etc. I' d try to switch off the mentioned malware features to see if it influences the interval between crashes. If you find anything that can be replicated, open a support call with Fortinet. They' ll fix it but only if it is reasonably easy and reliably to reproduce. Years ago my 50A started to reboot all of a sudden, and only stopped when I disconnected the WAN line. Some evil network had hammered away at the poor box so violently that it couldn' t keep up with the traffic and crashed onto the wall. But from your description I don' t think you have a similar case here.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
3630
0 Kudos
jmac
New Contributor
In response to ede_pfau

Created on ‎11-01-2010 12:38 PM

The FG-60B I have had problems with I monitor through SNMP and collect CPU, memory, session count and bandwidth data. I have not seen any indication of memory issues or traffic changes before it restarts. A cold start trap tells me when it restarts. I also collect full logs via syslog, including traffic, webfilter and app-control. Nothing stands out prior to the time of the restart as different or unusual compared to any other time. As of now, it' s been running for 2 days 3 hours since the start restart. I' m waiting to see if scheduled update timing makes a difference or not. I had a ticket open when the original unit was RMA' d but I' m not going to re-open it without some additional evidence or it will probably be a waste of time. Other than that, I can only hope it may go away when 4.2.3 or 4.3.0 is released.
3630
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎11-02-2010 10:24 AM

could it be power surges/spikes? Do you have a spare UPS to try it out?
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
3630
0 Kudos
Not applicable

Created on ‎11-03-2010 02:39 PM

I support a client with with a single 60B at each of their two sites. I recently upgraded to both units 4.2.2 build 291 and have seen random reboots since the upgrade on both devices. I also have SNMP monitoring on both devices and neither device shows any kind of spike prior to the reboots nor are there entries in the logs that indicate a problem. Has anyone had any luck in determining how to prevent 60B' s with 4.2.2 from randomly rebooting. This client is very sensitive to downtime, so even a 5 minute reboot in the middle of the day is a problem. We are looking to upgrade to a High Availability setup, but it would be nice to stabilize current setup in the mean time.
3630
0 Kudos
jtfinley
Contributor
In response to

Created on ‎11-03-2010 04:03 PM

dsant1, No I have not resolved it yet. However, we have not had a reboot in 2 days. It must be something with IPS,AV or something. Perhaps you can open a case w/ Fortinet since you have logs. I' m not syslogging but I probably should setup a box to do so.
3630
0 Kudos
ede_pfau
SuperUser
SuperUser

Created on ‎11-04-2010 06:36 AM

@dsant1: I recommend downgrading to 4.1.8. Normally, downgrading will wipe out the configuration but I have done it before without any troubles like that. Be sure to have a recent config backup before you start. You can downgrade one side after the other, the version does not influence VPN or routing. And then open a support case with Fortinet to learn if anybody else has already reported this and maybe a bugfix is available.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
3630
0 Kudos
jtfinley
Contributor
In response to ede_pfau

Created on ‎11-11-2010 07:04 AM

I opened a ticket on this #466960. It' s happening way too often. I' m having issues w/ my Fortimanager also using build v4.0-build0374 101008 (MR2 Patch 3). Joe
3630
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.