Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Created on ‎01-25-2006 07:05 AM

delete_phase1_sa Error

Can anyone explain this error to me and how I can get rid of it. It comes up in the event log of the Fortigate-200 v2.8 when I try to make a vpn connection delete_phase1_sa Thanks
22557
0 Kudos
5 REPLIES 5
Not applicable

Created on ‎01-25-2006 08:35 AM

the phase1 will be deleted on phase2 failure..
17572
0 Kudos
Not applicable

Created on ‎01-25-2006 08:38 AM

Thanks for the reply... but can you please explain it to me in more detail and maybe suggest a fix. Thanks
17572
0 Kudos
Not applicable

Created on ‎01-25-2006 08:46 AM

Hi i can say you what you can review: -check that the proposal (encryption, lifetime, dh group) for the IKE 2nd phase match each other and try to switch off any keepalives/pings or dead peer detection on the Fortinet for both IKE modes. -check the IP settings (remote lan, local lan), they also affect the 2nd phase SA and must correspond to the Fortinet settings/selectors. try to enable some debugging on the fortinet: diag debug ena; diag debug application ike 2 or try to sniff some packet diag sniffer packet wanX ' proto 50 || port 500' bye
17572
0 Kudos
Not applicable

Created on ‎01-25-2006 08:50 AM

Thank you for the help.
17572
0 Kudos
mikelportu
New Contributor

Created on ‎06-17-2024 12:39 AM

Hi, same error here.I would like to know what caused the error and how you solved it.

6525
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.