Fortinet white logo
Fortinet white logo

New Features

Un-assign IPsec template to remove VPN-related configuration

Un-assign IPsec template to remove VPN-related configuration

When you un-assing an IPsec template from a device, FortiManager modifies the configuration for affected devices. When you install the modified configuration to devices, FortiManager automatically uninstalls the configuration (phase1/phase2 interfaces) generated by the IPsec template from devices.

This topic describes how you can view the changes in the FortiManager GUI.

To view how un-assigned IPsec templates affect devices:
  1. Create an IPsec template named toHQ-1, and install it to devices.

    After installing the IPsec template, go to Device Manager > Device & Groups, and select Table View. In the Config Status column, view a status of Synchronized for all affected devices, and the Provisioning Templates column shows that the toHQ-1 template has been applied.

  2. Un-assign the IPsec template from eight devices.

    After un-assigning the toHQ-1 template from eight devices, the Config Status column now shows a status of Modified for all devices, and the Provisioning Templates column no longer displays the toHQ-1 template.

  3. Install the modified device configuration to the devices.

    FortiManager removes phase1 and phase2 interface configuration from the devices. You can check the Install Log for affected devices to confirm that FortiManager removed phase2 and phase1 interfaces settings.

Un-assign IPsec template to remove VPN-related configuration

Un-assign IPsec template to remove VPN-related configuration

When you un-assing an IPsec template from a device, FortiManager modifies the configuration for affected devices. When you install the modified configuration to devices, FortiManager automatically uninstalls the configuration (phase1/phase2 interfaces) generated by the IPsec template from devices.

This topic describes how you can view the changes in the FortiManager GUI.

To view how un-assigned IPsec templates affect devices:
  1. Create an IPsec template named toHQ-1, and install it to devices.

    After installing the IPsec template, go to Device Manager > Device & Groups, and select Table View. In the Config Status column, view a status of Synchronized for all affected devices, and the Provisioning Templates column shows that the toHQ-1 template has been applied.

  2. Un-assign the IPsec template from eight devices.

    After un-assigning the toHQ-1 template from eight devices, the Config Status column now shows a status of Modified for all devices, and the Provisioning Templates column no longer displays the toHQ-1 template.

  3. Install the modified device configuration to the devices.

    FortiManager removes phase1 and phase2 interface configuration from the devices. You can check the Install Log for affected devices to confirm that FortiManager removed phase2 and phase1 interfaces settings.