5

How to delete IPSEC VPN tunnel from Fortigate 60

view full story
linux-howto

http://serverfault.com – I have had a IPSEC connection setup between two firewalls. Now I want to remove the tunnel in my firewall, a "Fortigate 60". There are two phases, "Phase 1" and "Phase 2" for each IPSEC connection. I can delete the "Phase 2" entry by clicking the trashcan icon (in the web interface), but there is not such icon for "Phase 1". Is it possible to delete that? When I look at the log it alerts about this tunnel not working (after deleting "Phase 2") and it would be nice not ta have loads of such events in the log. All ideas are appreciated. (HowTos)

grtyyu's picture
Submitted by grtyyu on 11/27/2012 – Made popular on 11/27/2012

Stories similar to How to delete IPSEC VPN tunnel from Fortigate 60

I have StrongSwan running on a ubuntu server and I'm trying to create an ipsec encrypted VPN tunnel with a Cisco 2821 router . The connection is not working and I cannot figure out why. It appears to complete phase 1, but fails at phase 2. Can anyone provide suggestions? I'm stumped.

I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed.

Phase #1 (IKE) succeeds without any complications (verified at the target server). Phase #2 (IPSec), however, is erroneous at some point (apparently due to misconfiguration on localhost).

This should be an IPSec-only connection. I am using OpenSwan on Debian. The error log reads this (the actual IP-addr.

I am trying to set up an ipsec tunnel between our ASA 5505 and a Juniper ssg5. The tunnel is up and running, but I cannot get any data through it.

The local network I am on is 172.16.1.0 and the remote is 192.168.70.0. But I cannot ping anything on their netowork. I receive a "Phase 2 OK" when I set up the ipsec.

I think this is the part of the config that is applicable.

I’ve run into a of a routing issue pertaining to packets leaving a firewall, traversing and IPSec tunnel, hitting the target and then returning via a different tunnel, finally arriving back on the source firewall but on a different interface from where it started. Once the packet has returned to the firewall it is dropped… I’ve been unable to discover the reason for the drop.

I'm completely lost as to how to why this doesn't work. I can't ping, much less reach resources on the other side.

NETKEY IPsec and ARP 1 year 8 weeks ago

I'm wondering if I have the correct routing setup for an IPsec tunnel. I have control over the IPsec endpoints and the hosts connected to one side. These hosts are connecting to the tunnel so that they have access to the network on the other side of what I will call the IPsec server.

I've a Zywall USG 20W (wireless disabled) behind a router supplied by the ISP. All ports (both TCP and UDP) on the ISP router are forwarded to the 20W. I'm trying to configure an L2TP VPN to be used by Windows Xp / 7 with Microsoft native client.

Site2Site tunnel via SSL VPN? 18 weeks 5 days ago

i have tried convincing my opposite office of the tunnel in question to get site-2-site ipsec up and running.

However they are not really into that and run everything via SSL VPN..

Is it possible to create a site to site tunnel via SSL VPN?

How i would setup the ipsec on our Cisco ASA 5505

local net 192.168.0.0/18 remote net 10.50.0.0/18 IKE proposal pre-share-3des-sha, pre-share-aes-256-sha I