Solved

Fortigate 60C stops passing Internet traffic randomly

Posted on 2012-03-13
Last Modified: 2012-04-11
We recently received a Fortinet FortiGate 60C unit as an RMA replacement for a 60B. About 10 days after we received it the unit began to stop passing Internet traffic at seemingly random intervals. The only solution we found was to restart it.

Fortinet support suggested that the reason the unit was freezing was because it was going into conserve mode, which happens when memory usage gets to 80%. We reduced the number of policies in use and changed UTM inspection mode from proxy to flow based. I also shut off the dns-udp session helper. The resources now level out at about 20% CPU and 70% memory.

And still the device randomly freezes and stops passing traffic. We are running 4.0 MR3 Patch 5, NAT mode, standalone, one internal and one external interface, no virtual domains. UTM: Antivirus, Web Filter, Application Control, IPS, Email Filter. Also, we are using per-IP traffic shaping. We are logging to disk and not to memory. This is on a network of 113 clients, 63 of whom are regular Internet users.

The only consistent "fix" I have found is to reload the firmware. This buys about 10 days of uninterrupted Internet access.

If anyone has suggestions of what to try to get this thing to stay up I would very much appreciate it. My biweekly Fortinet support ticket ritual is becoming tiresome.
Question by:vmsrf
Accepted Solution

by:
xanandu earned 2000 total points
ID: 37802465
The 70% memory is still high, especially as during peak hours of heavy traffic shaping this will cause this number to go up quite a bit. I have seen devices peak from 40% usage early morning to north of 95% during noon due to demand "spikiness".

Check the memory used during the next crash, and try a "diag system top" to see what the top memory consuming process is.

From the sounds of it, the Per-IP traffic shaping is what is causing it; more traffic during peak hours causes certain UTM functions to REALLY suck back the resources. Traffic shaping is one of them. Per IP means each computer has its own traffic shaping policy instead of using a group policy.

If you wish to continue to use your FortiGate like this, you will probably have to upsize. In the meantime you can apply ID based policies, release the traffic shaping, and anybody that abuses the network gets put into the throttling groups.

Author Comment

by:vmsrf
ID: 37802854
Interesting. On the last crash the CPU went to 95% and the offending service was httpd. I will try disabling Per-IP traffic shaping for a week and report back. That could be it.

Author Closing Comment

by:vmsrf
ID: 37835893
The unit hasn't crashed all week so I'm thinking the traffic shaping may indeed have been causing this. There is another patch out now that addresses high CPU utilization so I will apply that as well.

I would have to agree that this unit is probably undersized for the environment and the way we use it.

Question has a verified solution.
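
The check suggested in the accepted answer (capture "diag system top" around a freeze and find the top consumers) can be scripted once the output is saved to a file. The following Python is an added example, not code from the thread or from Fortinet: the capture is constructed, and the summary-line and column layout it parses (CPU user/system/idle, memory total/free in MB, then name, PID, state, CPU %, memory %) are assumptions to adjust for your firmware. The 80% threshold is the conserve-mode figure quoted in the question.

```python
import re

# Constructed sample, NOT captured from a real unit. Assumed layout:
# summary "<n>U, <n>S, <n>I; <n>T, <n>F" (CPU user/system/idle %, memory
# total/free in MB), then rows "name pid state [<] cpu% mem%".
SAMPLE = """\
Run Time:  9 days, 22 hours and 14 minutes
61U, 30S, 9I; 438T, 96F
           httpd       88      R      58.1     9.4
       ipsengine       61      S <    21.3    24.7
       scanunitd       57      S       7.9    18.2
         miglogd       40      S       1.2     5.1
          newcli      912      R       0.4     1.6
"""

CONSERVE_PCT = 80.0  # conserve-mode threshold as quoted in the question

HEADER = re.compile(r"(\d+)U,\s*(\d+)S,\s*(\d+)I;\s*(\d+)T,\s*(\d+)F")
ROW = re.compile(r"^\s*(\S+)\s+(\d+)\s+([A-Z])\s*(<)?\s+(\d+\.\d+)\s+(\d+\.\d+)\s*$")

def parse_top(text):
    """Return (summary, processes) parsed from a saved capture."""
    summary, procs = None, []
    for line in text.splitlines():
        h = HEADER.search(line)
        if h:
            _user, _system, idle, total, free = map(int, h.groups())
            summary = {"cpu_busy": 100 - idle,
                       "mem_used_pct": round(100.0 * (total - free) / total, 1)}
            continue
        r = ROW.match(line)
        if r:  # non-matching lines (e.g. "Run Time") are skipped
            procs.append({"name": r.group(1), "pid": int(r.group(2)),
                          "cpu": float(r.group(5)), "mem": float(r.group(6))})
    if summary is None or not procs:
        raise ValueError("capture has no summary line or no process rows")
    return summary, procs

def triage(text, headroom=10.0):
    """Classify memory pressure and name the top memory and CPU consumers."""
    summary, procs = parse_top(text)
    used = summary["mem_used_pct"]
    status = ("conserve" if used >= CONSERVE_PCT
              else "at-risk" if used >= CONSERVE_PCT - headroom else "ok")
    return {"status": status, "mem_used_pct": used, "cpu_busy": summary["cpu_busy"],
            "top_mem": max(procs, key=lambda p: p["mem"])["name"],
            "top_cpu": max(procs, key=lambda p: p["cpu"])["name"]}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Comparing `top_mem` and `top_cpu` across captures taken before and after disabling a feature such as per-IP traffic shaping shows whether the change actually moved the pressure.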
