FortiGate has reached connection limit..message
来源:互联网 发布:淘宝优惠卷怎么赚钱 编辑:程序博客网 时间:2024/05/01 02:25
This above message may be displayed on the Alert Message Console GUI. It is similar to the “The system has entered conserve mode” Event log message.
Explanation:
The antivirus engine was low on memory for the duration of time shown. Depending on model and configuration, content can be blocked or pass unscanned under these conditions.
“The system has entered conserve mode” log message explanation
The FortiGate antivirus system operates in one of two modes, depending on the unit’s available memory. If the free memory is greater than 30% of the total memory then the system is in non-conserve mode. If the free memory drops to less than 20% of the total memory, then the system enters conserve mode. When the free memory once again reaches 30% or greater of the total memory, the system returns to non-conserve mode.
Antivirus functionality and performance is impacted when the unit enters conserve mode. For more information, see the Fortinet Knowledge Center article "Antivirus failopen and optimization".
A Fortigate unit that continuously and frequently enters conserve mode may be under scaled for the type of network flows that are being scanned by it. You can do the following to alleviate the problem:
- disable logging to memory (Log&Report > Log Config > Log Setting).
- disable certain protocols (HTTP, FTP, SMTP, POP, IMAP) from being antivirus scanned (Firewall > Protection Profile).
- reduce the ‘Oversize Threshold Configuration’ memory settings for each respective protocol (Anti-Virus > Config > Config).
- disable the DHCP server if it is not necessary (System > DHCP > Service and System > DHCP > Server).
- disable DNS Forwarding if it is not necessary (System > Network > DNS).
- disable all IPS Signatures and Anomaly detections, if IPS is not being used. This can be done in a single operation by issuing the CLI command : diag ips global all status disable . If IPS is being used, disable all Signatures/Anomalies that are not relevant or required in your network environment (IPS > Signature and IPS > Anomaly).
- replace the Fortigate unit with a model that has more memory. See the Fortinet Knowledge Center article "Maximum oversize threshold" for memory sizes per Fortigate model.
Note: You will have to reboot the FortiGate unit after having disabled the various features and services, in order to free up the memory.
See also the Fortinet Knowledge Center article "How to Achieve Maximum Performance with a FortiGate Antivirus Firewall" for other related information. Although this document states that it is for v2.50, it can also be applied to v2.80.
- FortiGate has reached connection limit..message
- No managed connection after pool limit reached
- The maximum report processing jobs limit configured by your system administrator has been reached
- fix 421 Maximum login limit has been reached. on hdfs-over-ftp
- Crystal report 出现maximum report processing jobs limit configured by your system administrator has been reached错误的解决办法.
- Crystal report 出现maximum report processing jobs limit configured by your system administrator has been reached错误的解决办法.
- 解析xml文件时,错误信息org.xml.sax.SAXParseException:Parser has reached the entity expansion limit "64,000" se
- internal heap limit reached问题的解决
- 解析xml文件时,错误信息org.xml.sax.SAXParseException:Parser has reached the entity expansion limit "64,000" set by the Application.的解决办法
- iOS真机调试-Your maximum App ID limit has been reached. You may create up to 10 App IDs every 7 days
- iOS开发中,真机调试-Your maximum App ID limit has been reached. You may create up to 10 App IDs every 7 da
- fatal error C1076: compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- fatal error C1076: compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- fatal error C1076: compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- fatal error C1076: compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- fatal error C1076: compiler limit : internal heap limit reached; use /Zm to specify a higher limit
- Recompilation limit of 15 reached HostingEnvironment initiated shutdown原因排查
- JavaBean中调用ICTCLAS的dll给Jsp
- Configuring OpenSwan for FortiGate VPN
- DNS translation feature configuration example
- 软件测试中的验收测试
- SSL-VPN fortisslvpn.splittunnelinfo error message
- FortiGate has reached connection limit..message
- Runtime-only config mode
- Fortinet ssl vpn simple config
- 邻家小孩
- Loading FortiGate firmware using TFTP
- Limiting YouTube bandwidth for fortios 3.0
- 关注HP正式及外包职位
- 最近求职经历
- FortiOS 3.0 部分网站及MSN无法登陆解决方法