Saturday, May 23, 2009

Bug Alert - FortiOS 4.0.2 and FortiManager

When adding a Fortigate 4.0.2 to a Fortimanager 4.0.1 the CPU on the firewall spikes to 100%, the culprit being the FGFMD process which handles communication with the FortiManager. Simply removing the firewall from FortiManager resolves the problem.
Recent forum posts suggest that this is an issue that might be fixed in FortiOS 4.0.3

** Update **
Rather than removing the unit from FortiManager you can also disable Central Management on the firewall itself: System -> Admin -> Central Management -> Uncheck "Enable Central Management".

** Update #2 **
Based on Fortinet's response I looked at the certificates which are installed on the firewall being affected. Turns out that I had a custom generated certificate loaded. After I deleted the certificate the CPU utilization remains normal, even when connected to the FortiManager.


Anonymous said...

i´ve the same problem with a FortiGate 60 3.00-b0737 connected to FortiManager 4.0.1-b0089.

Anonymous said...

Sitting at %99 cpu. No fortimanager and central admin is off. No custom certs. I deleted all the widgets thinking they may be pegging the CPU and rebooted (had added a 3rd dashboard). Sitting at 2% - %8 now

Anonymous said...

High CPU with IPS engine enabled

April 22, 2010

After upgrading a FortiGate device to v4.0 MR2 (B0272), under certain conditions the CPU may spike to over 90%. The issue is caused by a bug in the MIME parser of the IPS engine code when handling the header line of some emails. Some cases have been reported to FortiCare support where the CPU usage returns to a normal state on its own after a short period.

Affected Products:
All FortiGate models running FortiOS v4.0 MR2 B0272 and using IPS Engine version 1.161.

This bug is fixed with an interim IPS engine that is available from Customer Support for manual update. An updated IPS engine, version 1.162, will be released to customers running FortiOS v4.0 MR2 by Tuesday, April 27, 2010.