FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
calink
Staff
Staff
Article Id 361180
Description This article describes why recreating a remote access IPsec VPN can generate the error 'Unable to Setup VPN'.
Scope FortiGate.
Solution

The error 'Unable to Setup VPN' happens in the last step of recreating an IPsec Remote Access VPN.

This is a result of previous attempts to create an IPsec VPN with the same name and the IPsec Wizard attempts to create objects for IPsec VPN that are duplicates of the previous IPsec VPN creation attempt.

 

Remote-Unable to setup VPN.png

 

When the previous IPsec VPN is deleted using the references, it deletes the Policy that is automatically created by the Wizard. Phase2 is also deleted and then the option to delete the tunnel is available.

 

Two things need to be deleted:

 

The address range created by the IPsec VPN Wizard.

 

delete-address-objects.png

 

The split tunnel address group was created by the IPsec VPN Wizard (this object may not be present if the VPN being created is not using Split-Tunneling).

 

delete-split-tunnel.png

 

Once these elements are deleted, attempt to recreate the VPN again and it should now set up successfully.