Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 43 subscribers
  • Views 6720 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High CPU usage on v18 on XG115

Breakingcustom

I upgraded an XG 115 to v18 and ever since then the CPU has been normally sitting at 75% and will occasionally get up to 85-95%.  The odd thing is there is only one person in the office.

Anyone else seeing similar issues?



This thread was automatically locked due to age.
Parents
  • 0

    I have not experienced this before. You might want to check with the information on https://community.sophos.com/products/xg-firewall/f/recommended-reads/117389/sophos-xg-cli-troubleshooting-tools

    SSH into the XG and select option 5. Device Management and 3. Advanced Shell.

    then just enter command top

    example of the output:

    top - 00:07:20 up 1 day, 11:45,  2 users,  load average: 0.30, 0.30, 0.27
    Tasks: 463 total,   2 running, 400 sleeping,   0 stopped,   2 zombie
    Cpu(s):  4.8%us,  2.5%sy,  0.0%ni, 92.2%id,  0.2%wa,  0.0%hi,  0.3%si,  0.0%st
    Mem:   8072224k total,  7661152k used,   411072k free,   190908k buffers
    Swap:  2268412k total,        0k used,  2268412k free,  4390484k cached

      PID  PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
    29097  20   0 2748m 507m  20m S  2.0  6.4   5:27.18 snort
    29098  20   0 2750m 509m  20m R  1.7  6.5   4:55.24 snort
     3902  20   0 25640 9688 7036 S  1.0  0.1  17:15.66 ctipd.bin
     2399  20   0  125m  45m  11m S  0.7  0.6  42:05.88 garner

     

    you should be able to see what process is causing the high cpu.

     

    cheers

     

     
     
  • 0 in reply to Dimitri Zuodar

    Dimitri Zuodar said:

    I have not experienced this before. You might want to check with the information on https://community.sophos.com/products/xg-firewall/f/recommended-reads/117389/sophos-xg-cli-troubleshooting-tools

    SSH into the XG and select option 5. Device Management and 3. Advanced Shell.

    then just enter command top

    example of the output:

    top - 00:07:20 up 1 day, 11:45,  2 users,  load average: 0.30, 0.30, 0.27
    Tasks: 463 total,   2 running, 400 sleeping,   0 stopped,   2 zombie
    Cpu(s):  4.8%us,  2.5%sy,  0.0%ni, 92.2%id,  0.2%wa,  0.0%hi,  0.3%si,  0.0%st
    Mem:   8072224k total,  7661152k used,   411072k free,   190908k buffers
    Swap:  2268412k total,        0k used,  2268412k free,  4390484k cached

      PID  PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
    29097  20   0 2748m 507m  20m S  2.0  6.4   5:27.18 snort
    29098  20   0 2750m 509m  20m R  1.7  6.5   4:55.24 snort
     3902  20   0 25640 9688 7036 S  1.0  0.1  17:15.66 ctipd.bin
     2399  20   0  125m  45m  11m S  0.7  0.6  42:05.88 garner

     

    you should be able to see what process is causing the high cpu.

     

    cheers

     

     
     

     

    I would do this, but I can't SSH.  I'm logged in with an admin account but can't seem to find the admin password.  Can't reset it because I don't know what it is.  Lovely.

  • 0 in reply to Breakingcustom

    Hi,

    the same password is used by admin in GUI, console and ssh connection.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    rfcat_vk said:

    Hi,

    the same password is used by admin in GUI, console and ssh connection.

    Ian

     

     

    The admin password is unknown. I'm just going to have onsite and reset it.  Then going to reinstall v18 fresh and see if the issue persists.

  • 0 in reply to Breakingcustom

    Do you have Central Management enabled? Sophos Central can remotely reset the password, if enabled. 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    LuCar Toni said:

    Do you have Central Management enabled? Sophos Central can remotely reset the password, if enabled. 

     

     

    I do and I tried that.  You can't do it via the gui because you need to know the original password.  When trying to access the Sophos CLI when you click on console it is asking for a password.  I tried RESET and that didn't work.  Am I missing something?

  • +1 in reply to Breakingcustom

    Central Management (Sophos Central) allows you to log in into the Webadmin of XG Firewall. 

    In this option, if you load the Webadmin of the XG Firewall, you can reset the Webadmin "admin" without knowing the current admin password. 

    With this changed Admin Password, you can use the CLI again. 

     

     

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    LuCar Toni said:

    Central Management (Sophos Central) allows you to log in into the Webadmin of XG Firewall. 

    In this option, if you load the Webadmin of the XG Firewall, you can reset the Webadmin "admin" without knowing the current admin password. 

    With this changed Admin Password, you can use the CLI again. 

     

     

     

     

    Why wouldn't support of told me that?  I didn't even think of checking there, I just assumed it would want the old one.

Reply
  • 0 in reply to LuCar Toni

    LuCar Toni said:

    Central Management (Sophos Central) allows you to log in into the Webadmin of XG Firewall. 

    In this option, if you load the Webadmin of the XG Firewall, you can reset the Webadmin "admin" without knowing the current admin password. 

    With this changed Admin Password, you can use the CLI again. 

     

     

     

     

    Why wouldn't support of told me that?  I didn't even think of checking there, I just assumed it would want the old one.

Children
No Data
Unfiltered HTML