Troubleshooting Tip: FortiGate object cannot be deleted yet no reference in the config

This issue rarely happens, the symptom often comes from two scenarios.

1. FortiManager push trying to delete an unused object but failed, error msg can be seen in the push error log.
2. In FortiGate GUI or via CLI, when trying to delete a no longer used object, the system returns an error message that the object is still being referenced by another object and this can be seen in the GUI and via the CLI reference command.

But when searching such object in the config, there is no match, this means the object is indeed not being used.

The root cause for the two cases above is identical: in the FortiGate memory, the object is being referenced, but it is not reflected in the config file. Object usage reference can be examined in either the GUI or CLI.

To address the issue, perform a reboot to clear the error reference in the memory. After the reboot, the configuration will be loaded into the FortiGate without such reference and the unused object can be deleted.

If the FortiGate is in a cluster, it is the best practice to reboot all units (reboot the secondary unit first, after it comes up and and forms the HA, reboot the primary unit).

Note 1: As this is an error in the memory and not in the configuration, the HA config synchronization will not be impacted.

Note 2: One of the possible reasons for this issue to occur is given in the link below. It might be the case that the SD-WAN object is referenced not with its name, but with its member's number in the Performance SLA: Troubleshooting Tip: Unable to delete SD-WAN Interface.

Related article:

Technical Tip: How to Check Referenced Objects in FortiGate