This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

High CPU Usage / What exactly does the Concurrent Connections graph measure ?

I have an issue with the firewall going up to 100% CPU, which in turn leads to a completely unusable network.

The only other metric that shows a significant increase in this timeframe is the "Concurrent connections" metric under "Network Usage". Which peaks  at ~65k, which looks suspiciously like the max port limit for e.g. TCP.

There is no service open to external, except OpenVPN which is used by <10 users at a time.

So my question is what exactly can lead to the increase in concurrent connections. Does this metric include TCP connections that are routed through the firewall or only connections that are terminated by the firewall ?

Is there any way to prevent the high CPU usage proactively ?

It is a SG210 with Firmware 9.705-3

This thread was automatically locked due to age.
  • This is how the concurrent connections graph looks when this situation occurs.

  • Hallo and welcome to the UTM Community!

    When this problem occurs, what does top at the command line show as the culprit?

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA