How to resolve the issue of high CPU usage when clients are connected to the LAN port only?

Options
Zyxel_Jeff
Zyxel_Jeff Posts: 1,101  Zyxel Employee
First Anniversary 10 Comments Friend Collector First Answer

Scenario :

Users may encounter an issue where, when clients are connected only to the LAN port and configure the firewall through the Web-GUI, the firewall fails to connect to the WAN port, resulting in high CPU usage from time to time, as shown below:

What is the cause of this issue and how can it be resolved?

Answer :

The reason for the high CPU usage is the numerous DNS queries initiated from LAN hosts (such as browsers, background applications, or Windows update requests) that cannot be resolved successfully by the firewall due to its lack of connection to the WAN port. How can this be resolved? Please refer to the answers below:

(1). Connect to the WAN to enable successful resolution of DNS queries, which will normalize the CPU usage.

If you are unable to connect to the WAN port, please refer to answers (2) and (3).

(2). Navigate to Security Policy > Session > Restrict the session number to 100 or lower.

(3). Navigate to Security Policy > ADP >Add a LAN ADP_PROFILE and enable the UDP Flood feature.