I am trying to delete a VPN tunnel I created for testing purposes, but I do not see the option to delete it.
Any advice will be greatly appreciated.
In the GUI, on the right-hand side of the tunnel, you should see a number showing how many references to the tunnel or associated objects there are. Clicking the number should list out the references, which you'll need to remove before you can delete the tunnel.
I understood that I need to delete those references. But how? I went to edit the tunnel page and tried to delete those settings but they won't go away. :(
You need to delete the *other* objects that are making the references. For example, the security policies and static routes that refer to the VPN.
The references like security policies and static routes have been deleted, but I am still unable to delete this test tunnel. :(
Can you check whether any DHCP address was added?
Try to delete it from the CLI.
Regards,
Sudarsan Babu P
Do you see any other refs in the GUI? If not, there could be a ref hidden in the CLI to either the IPs used or the object. From the CLI, to search for them, try: `show full | grep -f IP` and see if anything comes up.
Essentially you have to work backwards from how you created the tunnel. Remove the VPN interface from any zones you had applied it to in the Interface section of the FortiGate. Delete all static routes that referenced that interface, and remove that interface from all firewall policy references (if not zoned; if zoned, then removing the interface from the zone should suffice). Then delete the VPN tunnel you first created.
If you use the VPN wizard, it will create network objects for you. That is what will be stopping you from deleting the tunnel.
Policy & Objects > Addresses
You're looking for Subnets and AddressGroups that start with the name of your VPN. Hope that helps!
Hi,
When the FortiGate is in a state where there is a tunnel interface configured but the VPN itself is already deleted, the tunnel interface cannot be deleted directly.
For this you have to create an IPsec interface and then delete this VPN.
Please do follow the below articles for the same:
> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Unable-to-delete-a-tunnel-interface/ta-p/2...
> https://community.fortinet.com/t5/FortiGate/Technical-Tip-Unable-to-delete-VPN-tunnel-even-if-policy...
Regards,
Durga A
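Added example, not part of any post in this thread: a way to list every object that still mentions the tunnel name when working from a saved configuration backup instead of the live CLI. The tunnel name `testvpn`, the sample config, and the function name `find_references` are all constructed for illustration.

```python
# Constructed sample in FortiOS backup syntax (not from a real device).
SAMPLE = '''\
config system zone
    edit "vpn-zone"
        set interface "testvpn"
    next
end
config firewall address
    edit "testvpn_local_subnet_1"
        set subnet 10.1.0.0 255.255.255.0
    next
end
config firewall policy
    edit 7
        set srcintf "testvpn"
    next
    edit 8
        set srcintf "lan"
    next
end
config router static
    edit 3
        set device "testvpn"
    next
end
'''


def find_references(config_text, name):
    """Return (config section, edit entry) pairs whose lines mention name."""
    stack, hits = [], []
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(("config", line[len("config "):]))
        elif line.startswith("edit "):
            stack.append(("edit", line[len("edit "):].strip('"')))
        elif line in ("next", "end"):
            if stack:
                stack.pop()  # "next" closes an edit, "end" closes a config
            continue
        if name in line:
            section = " > ".join(v for k, v in stack if k == "config")
            entry = next((v for k, v in reversed(stack) if k == "edit"), None)
            if (section, entry) not in hits:
                hits.append((section, entry))
    return hits


if __name__ == "__main__":
    for section, entry in find_references(SAMPLE, "testvpn"):
        print(f"config {section} / edit {entry}")
```

Matching is by substring, so wizard-created address objects whose names start with the tunnel name are reported along with zones, policies and routes that point at the interface.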