Solved: Deleting VPN Group Policies in ASDM 7

pmccubbin · ‎03-15-2013

A bit of a Catch-22 here: I am trying to delete VPN Group Policies but receive the error message that the policy is in use by a particular Connection Profile. When I try to delete the Connection Profile I receive the message that it is in use by a VPN Group Policy..

What else is there to delete or do I have to use the CLI?

Thank you in advance!

Andrew Phirsov · ‎03-15-2013

You don't have (and won't be able) to delete connection profile, but you should remove your grop policy from the connection profile.

I.e. from cli:

tunnel-group SOME_GROUP general-attributes

no default-group-policy SOME_GP

After that, group policy can be deleted as you wish, as long as it not used somewhere else.

View solution in original post

Andrew Phirsov · ‎03-15-2013

You don't have (and won't be able) to delete connection profile, but you should remove your grop policy from the connection profile.

I.e. from cli:

tunnel-group SOME_GROUP general-attributes

no default-group-policy SOME_GP

After that, group policy can be deleted as you wish, as long as it not used somewhere else.

pmccubbin · ‎03-19-2013

Thanks, Andrew. I used the CLI like you suggested.

noel-armand · ‎11-08-2017

thanks

jpoplawski · ‎07-24-2019

I realize this thread is extremely old. However, if you want to do this via GUI you can click the Group Policy and select the Assign Button. From there uncheck the Public IP that is selected.

Now, you can delete the group policy, and then the connection profile. Apply and you're good to go!

Hope this helps!

JB

divanko · ‎03-28-2022

You can also use these two commands that clear both the tunnel group attributes and group policy attributes from the ASA configuration:

clear configure tunnel-group <tunnel-group-name>
clear configure group-policy <group-policy-name>

Dallas