Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
L14507
New Contributor II

Created on ‎10-11-2018 06:19 AM

How can I delete vpn tunnel I created?

I am trying to delete vpn tunnel I created for testing purpose. But I do not see the option to delete.

Any advice will be greatly appreciated.

110906
9 REPLIES 9
tanr
Valued Contributor II

Created on ‎10-11-2018 09:27 AM

In GUI on right hand side of tunnel you should see a number showing how many references to the tunnel or associated objects there are.  Clicking the number should list out the references, which you'll need to remove before you can delete the tunnel.

59711
L14507
New Contributor II
In response to tanr

Created on ‎10-11-2018 09:32 AM

I understood that I need to delete those references. But how? I went to edit the tunnel page and tried to delete those settings but they won't go away. :(

59711
0 Kudos
tanr
Valued Contributor II
In response to L14507

Created on ‎10-11-2018 05:09 PM

You need to delete the *other* objects that are making the references. For example, the security policies and static routes that refer to the vpn.

59711
0 Kudos
L14507
New Contributor II
In response to tanr

Created on ‎10-12-2018 06:12 AM

the references like security policies and static routes have been deleted but I am still unable to delete this test tunnel. :(

59711
0 Kudos
Sudarsan_Babu
Contributor
In response to L14507

Created on ‎10-12-2018 06:25 AM

Can you check any dhcp address added. 

 

 Try to delete from cli . 

 

 

 

Regards,

Sudarsan Babu P

Regards, Sudarsan Babu P
59711
0 Kudos
tanr
Valued Contributor II
In response to Sudarsan_Babu

Created on ‎10-12-2018 09:23 AM

Do you see any other refs in the GUI? If not, there could be a ref hidden in the CLI to either the IPs used or the object. From CLI to search for them try: show full | grep - f IP And see if anything comes up.

59712
0 Kudos
Knox_122
New Contributor
In response to L14507

Created on ‎10-17-2018 12:03 PM

Essentially you have to work backwards from how you created the tunnel. Remove the VPN Interface from any zones you had applied them to in the Interface section of the Fortigate. Delete all static routes that had reference that interface, remove that interface from all Firewall policy references (If not zoned, if zoned, then removing the interface from the zone should suffice). Then delete the VPN Tunnel you first created. 

59712
0 Kudos
simonl
New Contributor
In response to Knox_122

Created on ‎03-11-2019 06:53 PM

If you use the VPN wizard, it will create network objects for you. That is what will be stopping you from deleting the tunnel.

 

Policy & Objects > Addresses

 

You're looking for Subnets and AddressGroups that start with the name of your VPN. Hope that helps!

59712
0 Kudos
Durga_Ashwath
Staff
Staff

Created on ‎09-14-2023 02:28 AM

Hi,

When the FortiGate is in the state, where there is a tunnel interface configured, but the VPN itself is already deleted, the tunnel interface cannot be deleted directly.
For this you have to create an IPsec interface and then delete this VPN.

Please do follow the below articles for the same:
> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Unable-to-delete-a-tunnel-interface/ta-p/2...
> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Unable-to-delete-VPN-tunnel-even-if-policy...

Regards,
Durga A

26822
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.