rodjeur
New Member
February 7, 2012
Question

Unable to delete a VPN phase2

Hi, after creating a VPN IPsec phase2 in order to run tests with our new VPN Fortigate, we have deleted it because it is not used in the production environment. But this phase2 remains visible under "VPN/Monitor IPsec". Is it possible to delete it? Thanks.

    3 replies

    ede_pfau
    SuperUser
    February 7, 2012
    In the console window, type 'diag vpn tunnel flush'. This kills ALL tunnels though, so the valid ones have to renegotiate.
    rodjeur (Author)
    New Member
    February 7, 2012
    Thanks ede_pfau, I've tried your command, but the phase2 still persists in the list of tunnels. I can see it with this command: "diagnose vpn tunnel list". It appears like this: "proxyid=<name_of_phase2> proto=0 sa=0 ref=1 auto_negotiate=0 serial=23 src: 0:<ip_src>:0 dst: 0:<ip_dest/mask>:0". I've tried this command too, but unsuccessfully: "diagnose vpn tunnel deloutbsa <name_of_phase2>". I need at least one SPI, but I have none... No idea?
    rodjeur (Author)
    New Member
    February 8, 2012
    Ok, I have created a new phase2 with the same name and the same parameters as the old one, and I was able to delete it properly. The old one is now completely removed. Bye.