Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Sa_Nour
New Contributor

tunnel interface is not getting disable

Hi guys, Need help in disabling tunnel interface, i want to remove IPsec tunnel but since tunnel interface is enabled it is not getting removed.

 

When i press disable button in tunnel interface, error appears as below

 

"Entry not found in data source

Attribute 'interface value'  checking fail

 

8 REPLIES 8
ozkanaltas
Valued Contributor III

Hello @Sa_Nour ,

 

If you remove tunnel configuration from vpn menu, the tunnel interface is removed automatically. You don't need to disable the tunnel interface to remove tunnel configuration.

 

If you can't remove tunnel configuration, firstly you should remove references to tunnel configuration.

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
Sa_Nour

Thanks @ozkanaltas 

i already removed all references, still not getting disabled and there is an error i mentioned

ozkanaltas
Valued Contributor III

@Sa_Nour ,

 

Did you change IPsec or IPsec interface name before? 

 

Also, I mentioned before. If you want to delete the ipsec configuration you don't need to disable ipsec interface. You can click delete button on the vpn page as like shown the screen shot. This button remove automatically ipsec interface. image.png

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
mle2802
Staff
Staff

Hi @Sa_Nour,

Did you try with CLI instead?

Regards,
Minh

KumarV
Staff
Staff

@Sa_Nour, You can try to delete it using the commands below:

#config vpn ipsec phase1-interface

#delete <name>

#end

 

Regards

Verender

 

Toshi_Esumi
SuperUser
SuperUser

It might have become a zombie. Try rebooting the unit.

 

Toshi

maulishshah
Staff
Staff

hi @Sa_Nour , I think you still have phase2 configuration, as if rebooting firewall not fix your issue then please try to confirm the phase 2 configuration is still there or not. 

 

Please try to refer the article and check if you can fin any reference through CLI: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-Check-Referenced-Objects/ta-p/19481...

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-Check-Referenced-Objects/ta-p/19481...

 

In addition, you can do 

 

show full | grep "tunnel-name"

 

Best Regards,

Maulish 

Maulish Shah
ssteo
Staff
Staff

Hi @Sa_Nour , you can use CLI to see got anything reference to that IPSEC tunnel or not.

Below is the commands:

show full | grep "tunnel-name" f 

So it will show anything related to that tunnel-name then can use CLI to delete it.

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors