Technical Note: How to bring down the shortcut VPN tunnel created by Auto-Discovery VPN (ADVPN)
Description
Solution
VPN shortcut tunnels cannot be flushed via the GUI like normal IPsec VPN tunnels.
As of FortiOS 5.4, a dynamic tunneling mechanism (named Auto-Discovery VPN - ADVPN) allows a traditional hub and spoke VPN’s spokes to establish dynamic, on-demand direct tunnels between each other so as to avoid routing through the topology’s hub device.
These dynamic tunnels are called shortcuts. This article provides the CLI command to tear down ADVPN shortcuts.
Solution
VPN shortcut tunnels cannot be flushed via the GUI like normal IPsec VPN tunnels.
To tear down a shortcut, use the below CLI command:diag vpn ike gateway flush name <shortcut_name>Related Articles