I'm trying to set up a hub and spoke ipsec environment. However, I am currently getting the following error: Starting log (Run on device) Start installing gen $ config router static gen (static) $ edit 2 gen (2) $ set device "HUB1-VPN1" gen (2) $ set comment "VPN: HUB1-VPN1 [Created by IPSEC Template]" gen (2) $ set dstaddr "HUB1-VPN1_remote_subnet_1" gen (2) $ next gen (static) $ edit 3 gen (3) $ set distance 254 gen (3) $ set comment "VPN: HUB1-VPN1 [Created by IPSEC Template]" gen (3) $ set blackhole enable gen (3) $ set dstaddr "HUB1-VPN1_remote_subnet_1" gen (3) $ next The blackhole route conflicts with the gateway of SD-WAN member 1, gen (static) $ end ---> generating verification report (vdom root: router static 3:vrf) remote original: 0 to be installed: <--- done generating verification report   ------- Start to retry -------- gen $ config router static gen (static) $ edit 3 gen (3) $ unset vrf gen (3) $ next The blackhole route conflicts with the gateway of SD-WAN member 1, gen (static) $ end ---> generating verification report (vdom root: router static 3:vrf) remote original: 0 to be installed: <--- done generating verification report install failed The Fortimanager tries to delete vrf from the blackhole routing rule: config router static edit 3 unset vrf next end does anyone have an idea how I can solve the problem without setting routing to manual? regards, Kevin