This article describes how to properly identify the following behavior and resolve this issue permanently.
FortiGate-VM deployed in the Hyper-V platform may get into an unresponsive state where multiple services are impacted: GUI management, CLI commands, SSL VPN sessions, DHCP assignment, traffic throughput, and reboot functions.
Other symptoms are associated with internal services going into a 'D' state indefinitely.
This issue may affect Fortios Hyper-V versions from 7.2.5 or 7.4.0 and below.
This issue was addressed and resolved on Fortios VM for Hyper-V versions from 7.2.6 or 7.4.1 and higher
This issue can be tracked by issue ID 924689.
How to confirm if there is this issue:
GUI pages may fail to load properly, missing parts of the page, with the error 'undefined':
It must be associated with the following secondary symptoms:
From the diag sys top, you may see your affected service or functionality the going on 'D' state indefinitely.
diag sys top
Note down the PID (second column) from processes in the 'D' state, then use the command below to get more details:
From a process dump, confirm the process state (State: D (disk sleep)).
Also, the last Kernel Stack showing and waiting on rtnetlink (rtnl_lock) call.
diag sys process dump <process id>
The output from the commands above may help to quickly spot and match this issue.
The permanent solution is to apply Fortios VM for Hyper-V versions from 7.2.6 or 7.4.1 and higher.
Workaround:
The FortiGate can be rebooted from the Hypervisor management interface if no GUI is accessible.
To have additional assistance, do not hesitate to reach out the Fortinet Support:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.