Hi,
We are in the process of upgrading our environment from v5.4 to v5.6.7. So far, we have upgraded FortiManager and a couple of test firewalls.
In our environment, we use custom IPSec VPNs extensively.
Previously under v5.4, when defining an IPSec VPN on a FortiGate, we were able to delete the Phase 1 proposals that we do not use and then Save the change.
Under v5.6, however, we are unable to delete Phase 1 proposals; there aren't any buttons. Not only that, there isn't an Ok button at the bottom; just a Return button.
Has anyone else seen this before?
Thanks for your time.
LarW63
We have version 5.6.x and we are deleting old IPSecs with the CLI.
```
# go to phase2
config vpn ipsec phase2-interface
# list (sh = show); the edit ... next block below is its output
sh
    edit "test"
        set phase1name "test"
        set comments "VPN: test (Created by VPN wizard)"
        set src-addr-type name
        set dst-addr-type name
        set src-name "test_local"
        set dst-name "test_remote"
    next
# remove phase2-interface
delete test
# leave the phase2 table before entering phase1
end
# go to phase1
config vpn ipsec phase1-interface
# list (sh = show); the edit ... next block below is its output
sh
    edit "test"
        set interface "port4"
        set peertype any
        set comments "VPN: test (Created by VPN wizard)"
        set wizard-type static-fortigate
        set remote-gw 1.1.1.1
        set psksecret ENC S4b/rwT7EwLNhoNvXQU6xVTO7JR86VcF6jKE9bjksey2VIkGwscZrJnoUzSb1oTMy2JbGPIzkx3qKIdzTjx2yAkzSZAUnsr3yI/sSLlqifvYOE3L5GZxAQvY/imWTNfKKeZyXm0z6zhUP1EmOx8Iz7Uwci3iPY98PqSWcR7e4NaUSYeITb6ZO6eoln2Nd3782lPbwQ==
    next
# remove phase1-interface
delete test
end
```
If you get this message, you must delete policy and routing:
```
This phase1-interface is currently used
command_cli_delete:5493 delete table entry test unset oper error ret=-23
Command fail. Return code -23
```
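To see which objects still hold the tunnel before retrying the delete, the following added example (not part of the reply above, and not Fortinet code) scans a saved configuration backup for `set` lines whose value is the phase1-interface name. The function name `find_references` and the sample configuration are constructed for illustration.

```python
import shlex

# Constructed sample config backup (not from the thread); "test" is the tunnel name.
SAMPLE_CONFIG = '''
config vpn ipsec phase2-interface
    edit "test"
        set phase1name "test"
    next
end
config firewall policy
    edit 7
        set srcintf "port2"
        set dstintf "test"
    next
    edit 8
        set dstintf "port1"
    next
end
config router static
    edit 3
        set device "test"
    next
end
'''

def find_references(config_text, name):
    """Return (section, entry, setting) for each 'set' line with a value equal to name."""
    sections, entries, hits = [], [], []
    for raw in config_text.splitlines():
        try:
            tokens = shlex.split(raw) or [""]  # blank line becomes a no-op
        except ValueError:  # unbalanced quote (multi-line value): skip the line
            continue
        cmd, args = tokens[0], tokens[1:]
        if cmd == "config":
            sections.append(" ".join(args))
        elif cmd == "end" and sections:
            sections.pop()
        elif cmd == "edit" and args:
            entries.append(args[0])
        elif cmd == "next" and entries:
            entries.pop()
        elif cmd == "set" and name in args[1:]:
            hits.append((sections[-1] if sections else "", entries[-1] if entries else "", args[0]))
    return hits

if __name__ == "__main__":
    for section, entry, setting in find_references(SAMPLE_CONFIG, "test"):
        print(f"config {section} / edit {entry} / set {setting}")
```

Each reported entry (phase2-interface, policy, static route) has to be removed or repointed before `delete test` succeeds under `config vpn ipsec phase1-interface`.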