Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MitchK
New Contributor

System Connection Limit Reached

I just noticed the following message on my dashboard' s Alert Message Console: " Fortigate has reached system connection limit for 31 seconds" . It occurred four times, each time with different numbers of seconds, the most was 66 seconds. What does this mean, and is there a way to increase the limit? Thanks very much.
Mitch Fortigate-300A 4.00 (MR3 Patch5) Fortigate-200B 4.00 (MR3 Patch5) Fortigate-50B 4.00 (MR3 Patch6) FortiAnalyzer 100C (MR3 Patch1)
Mitch Fortigate-300A 4.00 (MR3 Patch5) Fortigate-200B 4.00 (MR3 Patch5) Fortigate-50B 4.00 (MR3 Patch6) FortiAnalyzer 100C (MR3 Patch1)
12 REPLIES 12
ede_pfau
SuperUser
SuperUser

Still where can I see the Log allowed traffic result ? Log Access --> Memory and from here ... ?
surprisingly, nobody answered your question. You see traffic logged in the Traffic log, not in the Event Log. To add to an old discussion, I guess this alert condition can not only be raised if ALL of the memory is exhausted but also when certain buffers only are consumed. Like heaps, address object space, queues and such. There might be " free" memory left but the maximum number of allocated buffers reached. So in practice it' s not easy to pinpoint which setting eventually caused the alert.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
laf
New Contributor II

Thanks mate! By any chance do you know: if I tick Log allowed traffic, but no external logging appliance/service is connected will it increase the equipment CPU/Memory load?

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.

The most expensive and scarce resource for man is time, paradoxically, it' s infinite.
ede_pfau
SuperUser
SuperUser

If you log into memory then a certain fixed amount of memory is allocated for the log. This is of limited usefulness if you see heavy traffic. With just 20 users I only get to see a few minutes of traffic log on a FG-80C with 1 GB total memory. For anything past that time window I' m out of luck then. So yes it does add to the memory consumption but this will not increase over time. Whether it uses ressources if you do NOT check any one of " remote syslog" or " memory" log destinations but check " Log allowed traffic" in each policy I' d have to guess that it' ll use CPU cycles and perhaps some memory for buffers. In practice I always enable logging on policies routinely; more often than not I have to use it. And I haven' t run into memory troubles because of this yet.
Ede Kernel panic: Aiee, killing interrupt handler!
Ede Kernel panic: Aiee, killing interrupt handler!
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors