Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Delete an IPsec VPN

Delete an IPsec VPN

Delete an IPsec VPN by first marking it for deletion, then redeploying the VPN to finally delete it completely. When you delete the IPsec VPN, the VPN configurations are also deleted from the associated devices.

You can delete the following types of VPNs using this method:

  • Site-to-site VPN

  • Hub-and-Spoke (Establishment by All Peers) VPN

  • Hub-and-Spoke (Establishment by Spokes) VPN

  • Hub-and-Spoke Auto Discovery VPN

  • Remote Access VPN—Juniper Secure Connect

You can also revert the IPsec VPN marked for deletion.

  1. Select SRX > IPsec VPN > IPsec VPNs.
    The IPsec VPN page opens.
  2. Select an IPsec VPN to delete, and click the delete icon.

    A message indicating the following result is displayed:

    • The IPsec VPN will be deleted after you redeploy the VPN.

    • The IPsec VPN configuration will also be deleted from the associated devices.

  3. Click Yes.
    Note:

    • The IPsec VPN is not deleted from the associated devices at this moment. You must redeploy the IPsec VPN to delete it from the devices.

    • You cannot edit the IPsec VPN that is marked to be deleted.

    You can revert the IPsec VPN deletion. Hover your mouse cursor over the flag in the Status column, and select Undo Delete on the pop-up window. The IPsec VPN status is reverted to the previous status.

    The IPsec VPN is marked for deletion, and the status changes to VPN flagged to be deleted.

  4. Select the IPsec VPN, and click Deploy.

    The Deploy page opens.

  5. Click OK.

  • An IPsec VPN deletion job is created. Click the job ID to go to the Jobs page and view the status of the delete operation.

  • After a successful deployment, the selected IPsec VPN is deleted from Juniper Security Director Cloud and all associated devices.

Delete Hub-and-Spoke IPsec VPNs from Specific Devices

In a hub-and-spoke IPsec VPN that has multiple spoke and extranet devices, you can delete the VPN from specific spokes by deleting the spokes and redeploying the VPNs. However, when you delete a spoke that is an extranet device, the device configuration is deleted only from the VPN hub because Juniper Security Director Cloud does not manage the device.

You can delete the IPsec VPN configurations from specific spokes associated with the following types of VPNs using this method:

  • Hub-and-Spoke (Establishment by All Peers) VPN

  • Hub-and-Spoke (Establishment by Spokes) VPN

  • Hub-and-Spoke Auto Discovery VPN

Note:

You must retain at least one spoke in the hub-and-spoke IPsec VPN without which you won't be able to save the edited VPN.
  1. Select SRX > IPsec VPN > IPsec VPNs.
    The IPsec VPN page opens.
  2. Select the IPsec VPN to delete the spokes, and click the pencil icon.
    The Edit IPsec VPN page opens.
  3. Select the spokes to delete in the Devices section, and click the delete icon.
    A message asking for confirmation is displayed.
  4. Click Yes.
  5. Click Save.

    A message indicating the following result is displayed:

    • The deleted spokes will be removed from the IPsec VPN after you redeploy the VPN.

    • The IPsec VPN configuration will also be deleted from the deleted devices.

  6. Click Yes.
    Note:

    • The IPsec VPN configuration is not yet deleted from the spokes and hub. You must deploy the VPN to delete the VPN from the spokes.

    • You can revert the changes by editing the IPSec VPN and adding the devices back.

    The IPsec VPN status column displays the number of deleted spokes. Hover your mouse cursor over the device count link to view the list of deleted spokes.

  7. Select the IPsec VPN, and click Deploy.
    The Deploy page opens.
  8. Click OK.

  • An IPsec VPN deletion job is created. Click the job ID to go to the Jobs page and view the status of the delete operation.

  • After a successful deployment, the selected IPsec VPN is deleted from the deleted spokes. If a deleted spoke is an extranet device, the device configuration is deleted only from the VPN hub because Juniper Security Director Cloud does not manage the device.