Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Touchnet_Priority
New Contributor II

Cannot delete VDOM due to tunnel interfaces

Model: 100E

Firmware: v7.0.0 build0066 (GA)

 

I am unable to delete a VDOM configured on our 100E because there are two tunnel interfaces that are being referenced (l2t.STANBEL and naf.STANBEL), however when I try to delete these interfaces I get the following error:

 

error.JPG

 

  • Command_cli_delete:6588 delete table entry l2t.STANBEL unset oper error ret=-160.

 

These two tunnel interfaces were created automatically when I first created the VDOM. They're not being referenced anywhere, they're not being used for any static routes or anything but attempts at deleting them via CLI and GUI always fail. And because I cannot delete these interfaces, I cannot delete the VDOM due to the references, as below

 

references.JPG

 

I've also tried setting the VDOM for these interfaces to another VDOM, but this also failed. Please let me know if this is a known bug with the firmware, or if there is a step I am missing. Any and all assistance is greatly appreciated! Please let me know if more info is needed.

 

 

 

1 Solution
vdralio

Dear @Touchnet_Priority ,

 

An easy way is:

- download configuration file

- remove the reference objects using notepad

- upload the configuration again in the FortiGate.

- Then you can delete the VDOM normally.

Also regarding your issue, this is also similar to an internal Engineer Ticket id (713130)-> Should no lt2p tunnel interface on GUI when it is disabled. This is resolved in FortiOS 7.0.6

 

Best Regards,

Vasil Dralio

View solution in original post

5 REPLIES 5
hfr
New Contributor

Did you use  "diagnose sys cmdb refcnt show system.vdom.name <vdom name>" to verify that nothing else is referenced?

Had the same issue in the past with a device on 7.0.2, assumed I need to delete the tunnel interface, but it was something else referenced, that was only showing up with the cli command from above.

Once I fixed it I was able to delete the vdom without removing the tunnel interfaces.

Touchnet_Priority

Thank you for your response

 

I ran the command and it shows the following. How would I go about removing these entries?

 

diag sys cmdb refcnt show system.vdom.name STANBEL
entry used by table system.interface:name 'l2t.STANBEL'
entry used by table system.interface:name 'naf.STANBEL'
entry used by table system.interface:name 'ssl.STANBEL'
entry used by child table gui-dashboard:id '81' of entry used by child table gui-dashboard:id '82' of entry used by child table gui-dashboard:id '83' of table system.admin:name 'TACACS'
entry used by table system.vdom-property:name 'STANBEL'

vdralio

Dear @Touchnet_Priority ,

 

An easy way is:

- download configuration file

- remove the reference objects using notepad

- upload the configuration again in the FortiGate.

- Then you can delete the VDOM normally.

Also regarding your issue, this is also similar to an internal Engineer Ticket id (713130)-> Should no lt2p tunnel interface on GUI when it is disabled. This is resolved in FortiOS 7.0.6

 

Best Regards,

Vasil Dralio

Touchnet_Priority

Thank you, upgrading to 7.0.6 resolved the issue.

 

Many thanks!

vdralio

@Touchnet_Priority 

 

Thanks for your feedback! Glad that I helped you! 

Labels
Top Kudoed Authors