Technical Tip: Unable to delete VLAN Interface Gre... - Fortinet Community

FortiGate

FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.

Article Id 335102

Description

This article describes that, after creating a VLAN interface on a Fortinet FortiGate firewall, the delete button in the GUI can be greyed out, making it unclear how to remove the interface.

Scope

FortiGate

Solution

Cause:

Removing a VLAN interface in FortiGate requires confirming that no configurations are linked to the interface. The following steps outline how to do this using both the GUI and CLI.

Screenshot 2024-08-21 144508.png

Solution:

Identify the VLAN interface to be removed.

Examine the 'Ref.' column adjacent to the interface. This indicates the count of configurations that reference it.

Screenshot 2024-08-21 145007.png

Check the 'Ref.' Column:
Select the number in the 'Ref' column next to the interface. This displays a list of configurations currently using the interface.

Review and delete any configurations listed in the pop-up that are linked to the interface.

Screenshot 2024-08-21 145341.png

'Network -> Interfaces'.

Deleting the Interface:

Once all referencing configurations are removed, the Delete button becomes active, allowing the removal of the interface.

Screenshot 2024-08-21 145658.png

(e.g., policies, routes, DHCP servers)

CLI Method:

To check the reference via CLI, run the following:

diag sys cmdb refcnt show system.interface.name <name_of_the_VLAN_interface>

To delete VLAN via the CLI:

config system interface
delete <name_of_the_VLAN_interface>

Remove References: Based on the output, delete or modify any dependent configurations (e.g., firewall policies, routes):

config firewall policy

delete <policy_id>

end

Delete VLAN Interface: After clearing all references, delete the VLAN interface:

config system interface

delete <vlan_interface_name>

end

Best Practices:

Always ensure to backup configurations prior to making any changes.
Utilize 'diag sys cmdb refcnt' to confirm that no references are left behind.

Related Articles:

Technical Tip: Facing issue removing an object from FortiGate even when it is not referenced

Troubleshooting Tip: Cannot delete no-reference object

Technical Tip: How to Check Referenced Objects

Troubleshooting Tip: Verifying FortiGate configuration object references and dependencies

4332

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Copyright 2025 Fortinet, Inc. All Rights Reserved.