ojacinto
Staff
Article Id 344949
Description This article describes an issue where the error message 'unregister_netdevice: waiting for <Dialup_VPN_Name> to become free. Usage count = 1' is shown in the comlog or console output, potentially causing device inaccessibility and VPN tunnel disruptions.
Scope FortiGate v7.2.8, v7.2.9, v7.2.10, v7.4.4.
Solution

When the error message is shown in the comlog output, for example:


FW-HUB-01 # diag debug comlog read
Disabling the comlog feature...
OK
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<

--- COMLOG TIME: 2024-04-10 11:00:00 ---

--- COMLOG TIME: 2024-04-10 12:00:00 ---

--- COMLOG TIME: 2024-04-10 13:00:00 ---

--- COMLOG TIME: 2024-04-10 14:00:00 ---
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1

This can lead to the iked process remaining in D status and the httpsd daemon having multiple parallel processes in D status, which causes some GUI pages to not load (in some cases the FortiGate is inaccessible) and VPN tunnels to stop working.
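
To check a saved comlog or console capture for the message, the following added example (not part of the original article and not Fortinet code) parses the format shown above and summarises each interface named in the error. The sample text is constructed, and the `phase1_guess` field assumes a dial-up instance is named `<phase1 name>_<index>`, as VPN_BRANCH_0 and VPN_BRANCH suggest; verify it against the phase1 configuration.

```python
import re

# Constructed sample in the same format as the comlog excerpt above.
SAMPLE_COMLOG = """\
--- COMLOG TIME: 2024-04-10 13:00:00 ---

--- COMLOG TIME: 2024-04-10 14:00:00 ---
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1

--- COMLOG TIME: 2024-04-10 15:00:00 ---
unregister_netdevice: waiting for VPN_BRANCH_0 to become free. Usage count = 1
unregister_netdevice: waiting for VPN_SITE_B_12 to become free. Usage count = 2
"""

TIME_RE = re.compile(r"--- COMLOG TIME: (\d{4}-\d\d-\d\d \d\d:\d\d:\d\d) ---")
STUCK_RE = re.compile(
    r"unregister_netdevice: waiting for (\S+) to become free\. Usage count = (\d+)")


def find_stuck_interfaces(comlog_text):
    """Summarise every interface named in the unregister_netdevice message."""
    stuck, block_time = {}, None
    for line in comlog_text.splitlines():
        marker = TIME_RE.search(line)
        if marker:
            block_time = marker.group(1)  # time marker that opens a comlog block
            continue
        hit = STUCK_RE.search(line)
        if not hit:
            continue
        name, usage = hit.group(1), int(hit.group(2))
        entry = stuck.setdefault(name, {
            "lines": 0, "first_block": block_time, "last_block": block_time,
            "max_usage": 0,
            # Assumption: a dial-up instance is "<phase1 name>_<index>".
            "phase1_guess": re.sub(r"_\d+$", "", name),
        })
        entry["lines"] += 1
        entry["last_block"] = block_time
        entry["max_usage"] = max(entry["max_usage"], usage)
    return stuck


if __name__ == "__main__":
    for name, info in find_stuck_interfaces(SAMPLE_COMLOG).items():
        print(f"{name}: {info['lines']} lines, blocks {info['first_block']} to "
              f"{info['last_block']}, max usage count {info['max_usage']}, "
              f"check phase1 '{info['phase1_guess']}'")
```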

The workaround for this behavior is to disable the 'net-device' option in the VPN phase1 settings for the reported VPN tunnel and for all dynamic tunnels on the FortiGate (hub side, because net-device is not necessary on the ADVPN hub side).

config vpn ipsec phase1-interface
    edit VPN_BRANCH
        set net-device disable <-----
    next
end


For a detailed understanding of the net-device functionality, refer to this related KB article: Technical Tip: Understanding the net-device feature in FortiGate ADVPN Implementation


This issue has been resolved in v7.2.11, v7.4.5 and v7.6.0.

Related documents:

Resolved issues - 7.4.5
Resolved issues - 7.6.0
Resolved issues - 7.2.11