Georges_Orwell
New Contributor

Delete Tunnels

Hello all, I just created a site-to-site tunnel to training, but now I can't delete it. Can you help me? FortiGate 200D, FortiOS 5.2. Thank you, Georges Orwell
1 Solution
FortiAdam
Contributor II

I find that the best way to discover references is by going to system > network > interfaces and enabling the references column. Common references include routes, firewall objects, firewall policies, and phase-2 VPN objects. For some reason when you view references from VPN > IP Sec > IKE it doesn't always show all references (at least in 5.0.x).

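The reference hunt described in the solution above can also be done offline against a configuration backup. The following is an added example, not code from this thread or from Fortinet: the function name `find_references`, the tunnel name `to_training` and the sample configuration are constructed for illustration, and the parser assumes every `set` value sits on a single line.

```python
import shlex

# Constructed sample in FortiOS "show" layout; all names and values are made up.
SAMPLE_CONFIG = '''
config vpn ipsec phase1-interface
    edit "to_training"
        set interface "port1"
    next
end
config vpn ipsec phase2-interface
    edit "to_training_p2"
        set phase1name "to_training"
    next
end
config router static
    edit 3
        set device "to_training"
    next
end
config firewall policy
    edit 2
        set srcintf "port2"
        set dstintf "to_training"
    next
    edit 5
        set dstintf "port1"
    next
end
'''

def find_references(config_text, name):
    """Return (section, entry, setting) for each 'set' line that names `name`."""
    stack, hits = [], []              # stack of [section, current edit id]
    for line in config_text.splitlines():
        tok = shlex.split(line)       # shlex removes the double quotes
        if not tok:
            continue
        if tok[0] == "config":        # entering a (possibly nested) section
            stack.append([" ".join(tok[1:]), ""])
        elif tok[0] == "end" and stack:
            stack.pop()
        elif tok[0] == "edit" and stack and len(tok) > 1:
            stack[-1][1] = tok[1]
        elif tok[0] == "next" and stack:
            stack[-1][1] = ""
        elif tok[0] == "set" and stack and name in tok[2:]:
            hits.append((stack[-1][0], stack[-1][1], tok[1]))
    return hits
```

Calling `find_references(SAMPLE_CONFIG, "to_training")` lists the phase-2 object, the static route and the firewall policy that each have to be removed or repointed before the tunnel itself can be deleted.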

11 REPLIES 11
Georges_Orwell
New Contributor

Finally found the route, then I deleted it. After that I was able to remove the tunnels. Thank you for your help.
__innit__

A ping from a host in subnet 192.168.206.0/24 to a host in subnet 192.168.203.0/24 is not generating any logs, and the VPN is down:

 

Fortinet17 # get system arp
Address           Age(min)   Hardware Addr      Interface
192.168.206.254   1          00:50:00:00:13:00  port2
192.168.10.2      0          00:50:00:00:01:00  port3
60.60.60.1        0          aa:bb:cc:00:60:20  port1

Fortinet17 # show sys interface
config system interface
    edit "port1"
        set vdom "root"
        set ip 60.60.60.2 255.255.255.0
        set allowaccess ping https ssh http
        set type physical
        set description "outside"
        set alias "outside"
        set role wan
        set snmp-index 1
    next
    edit "port2"
        set vdom "root"
        set ip 192.168.206.1 255.255.255.0
        set allowaccess ping
        set type physical
        set description "LAN_192.168.206.0_24"
        set alias "LAN_192.168.206.0_24"
        set role lan
        set snmp-index 2
    next
    edit "port3"
        set vdom "root"
        set ip 192.168.10.5 255.255.255.0
        set allowaccess http
        set type physical
        set snmp-index 3
    next
    edit "port4"
        set vdom "root"
        set type physical
        set snmp-index 4
    next
    edit "ssl.root"
        set vdom "root"
        set type tunnel
        set alias "SSL VPN interface"
        set snmp-index 5
    next
    edit "Peer_2.2.2.1_24"
        set vdom "root"
        set type tunnel
        set snmp-index 6
        set interface "port1"
    next
end

Fortinet17 # show firewall policy
config firewall policy
    edit 2
        set name "vpn_Peer_2.2.2.1_24_local"
        set uuid eb5cb90c-10de-51e8-a82f-f046e583e108
        set srcintf "port2"
        set dstintf "outside"
        set srcaddr "LAN_192.168.206.0_24"
        set dstaddr "LAN_192.168.203.0_24"
        set action accept
        set schedule "always"
        set service "ALL"
        set comments "VPN: Peer_2.2.2.1_24 (Created by VPN wizard)"
    next
    edit 3
        set name "vpn_Peer_2.2.2.1_24_remote"
        set uuid eb6041bc-10de-51e8-2863-2c4b98988ea3
        set srcintf "outside"
        set dstintf "port2"
        set srcaddr "LAN_192.168.203.0_24"
        set dstaddr "LAN_192.168.206.0_24"
        set action accept
        set schedule "always"
        set service "ALL"
        set comments "VPN: Peer_2.2.2.1_24 (Created by VPN wizard)"
    next
end
