Delete a SASE Tunnel from Umbrella
Use the following procedure to delete a SASE tunnel through the CDO UI:
Before you begin
To delete a SASE tunnel, the ASA associated with it must have a synced status in CDO. You cannot delete a tunnel if the device is uhealthy.
Note that if you delete a SASE tunnel from CDO, the tunnel is removed from both the ASA device and the Umbrella organization associated with it.
Warning | If you delete a tunnel from CDO while the Umbrella organization credentials are considered invalid, or have changed since you onboarded the organization, CDO can only deploy the tunnel configuration to the ASA devices associated with the organization. Upon updating the credentials, CDO reads the Umbrella configuration and repopulates any tunnels that were deleted. Due to the tunnel existing in the Umbrella organization but not any of the ASA devices, there will be a synchronization issue and the ASA devices may not appear as peers to organization. We recommend confirming the Umbrella credentials prior to deleting any tunnels associated with the organization. |
Procedure
Step 1 | Log into CDO. |
Step 2 | Navigate to the VPN window. Select Site-to-Site VPN. |
Step 3 | Select the tunnel you want to delete from CDO. |
Step 4 | In the Actions pane, click Delete. |
Step 5 | Confirm you want to delete the tunnel and click OK. |