Cannot Delete IPSec Phase 1

Forum|Forum|16 years ago
April 21, 2010
3 replies
3328 views

Today I was playing with setting up route-based IPSec policies to one of our remote offices and decided to start completely over. On my 110C (v4.0 MR1 Patch 3) when I click the delete icon for the Phase 1 configuration I get an error that the " Entry is Used." I have checked the static routes and nothing is entered there nor are there any firewall policies. I also tried doing this through CLI and get the same message. I was able to delete the Phase 2 entries with no problem. When I take a look at the Monitor tab I see the 2 VPN tunnels listed there, one shows as connected and the other as down. Does anyone know how I can get these Phase 1 entries cleared out? Thanks!

rwpatterson

New Member

Welcome to the forums. Make sure there are no address entities tied to this tunnel.

FortiRack_Eric

New Member

Fastest way to find out is to make a backup from your fortigate and search the config file for the P1 name. You' ll find the culprit soon. Cheers, Eric

red_adair

New Member

In case you use Interface VPN: # diag sys checkused system.interface.name <vpn-phase1-name> That should reveal all dependencies for that " interface" . -R.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded