Skip to Content

How to fix Auto-reboot issue in FortiGate

By: Author Alex Lim

Posted on

Categories Troubleshooting

This article explains the auto-reboot behavior in FortiGate.

Scope

FortiGate.

Solution

After manually or automatically shutting down the FortiGate (by script), if the FortiGate auto-reboots, it means there is an internal issue:

Step 1: Check the crash log with the following outputs:

- "Node.JS restarted" happened several times with "Error: kill ESRCH"
"...2127: 2024-07-01 08:25:59 <00188> Node.JS restarted: (unhandled rejection)
2128: 2024-07-01 08:25:59 <00188> Error: kill ESRCH
2129: 2024-07-01 08:25:59 <00188> at process.kill (node:internal/process/per_thread:232:13)
2130: 2024-07-01 08:25:59 <00188> at /node-scripts/chunk-427c470654a75c6848e3.js:4:484599
2131: 2024-07-01 08:25:59 <00188> at Array.forEach (<anonymous>)
2132: 2024-07-01 08:25:59 <00188> at stopWorkers (/node-scripts/chunk-427c470654a75c6848e3.js:4:484572)
2133: 2024-07-01 08:25:59 <00188> at async CronSchedule.httpsdHealthCheck (/node-scripts/chunk-427c470654
2134: 2024-07-01 08:25:59 a75c6848e3.js:4:477006)
2135: 2024-07-01 08:25:59 <00188> at async Cron._trigger (/node-scripts/chunk-0238041ac4439f9b2c08.js:4:4
2136: 2024-07-01 08:25:59 8619)
..."

Step 2: Check the system events log:

"...
date=2024-07-02 time=12:02:13 eventtime=1719896533403457261 tz="+0700" logid="0100032200" type="event" subtype="system" level="critical" vd="root" logdesc="Device shutdown" user="admin" ui="GUI(10.16.36.52)" action="shutdown" msg="User admin shutdown the device from GUI(10.16.36.52)."

date=2024-07-02 time=12:08:06 eventtime=1719896864759070980 tz="+0700" logid="0100032009" type="event" subtype="system" level="information" vd="root" logdesc="FortiGate started" msg="Fortigate started"
...
date=2024-07-01 time=18:30:07 eventtime=1719833408160168579 tz="+0700" logid="0100032200" type="event" subtype="system" level="critical" vd="root" logdesc="Device shutdown" ui="autod" action="shutdown" msg="User shutdown the device from autod. The reason is 'Autod shutdown by stitch: Shutdown Fortigate at 18h30'"

date=2024-07-01 time=18:36:03 eventtime=1719833741559099140 tz="+0700" logid="0100032009" type="event" subtype="system" level="information" vd="root" logdesc="FortiGate started" msg="Fortigate started"
..."

It is necessary to confirm with the TAC for the fixed version.