Description | This article describes why recreating a remote access IPsec VPN can generate the error 'Unable to Setup VPN'. |
Scope | FortiGate. |
Solution |
The error 'Unable to Setup VPN' happens in the last step of recreating an IPsec Remote Access VPN. This is a result of previous attempts to create an IPsec VPN with the same name and the IPsec Wizard attempts to create objects for IPsec VPN that are duplicates of the previous IPsec VPN creation attempt.
When the previous IPsec VPN is deleted using the references, it deletes the Policy that is automatically created by the Wizard. Phase2 is also deleted and then the option to delete the tunnel is available.
Two things need to be deleted:
The address range created by the IPsec VPN Wizard.
The split tunnel address group was created by the IPsec VPN Wizard (this object may not be present if the VPN being created is not using Split-Tunneling).
Once these elements are deleted, attempt to recreate the VPN again and it should now set up successfully. |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.