Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
l33vi3w
New Contributor

Remove Virtual IP command

Hi,

 

Is there a command to remove a virtual ip, without using the gui?

I am using a serial connection to my Fortigate 201e.

I've been locked out and can't connect to it over https.

 

Thanks!

1 Solution
nbctcp
New Contributor III

FW1 # config firewall vip

FW1 (vip) # show config firewall vip edit "1" set extip 192.168.88.25 set extintf "port1" set mappedip "10.0.3.11" next end

FW1 (vip) # delete 1

FW1 (vip) # end

View solution in original post

http://goo.gl/lhQjmUhttp://nbctcp.wordpress.com
2 REPLIES 2
Yurisk
SuperUser
SuperUser

Fortigate is fully manageable via CLI as well. 

1. Find the policy ID where your VIP is used :

show firewall policy

2. Either delete the policy completely or disable it:  

a) Delete (make sure you use correct policy id), e.g. you want to delete policy with id 2:

 config firewall policy

delete 2

end

b) Disable, e.g. policy id 2:

config firewall policy

edit 2

set status disable

next

end

 

There can be slight delay between entering the commands and FG actually cleaning its connection table for this VIP. 

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
nbctcp
New Contributor III

FW1 # config firewall vip

FW1 (vip) # show config firewall vip edit "1" set extip 192.168.88.25 set extintf "port1" set mappedip "10.0.3.11" next end

FW1 (vip) # delete 1

FW1 (vip) # end

http://goo.gl/lhQjmUhttp://nbctcp.wordpress.com
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors