Solved

Cisco PIX 7.1(1) clearing / dropping / killing / logout a specific isakmp point to point tunnel

Posted on 2006-06-15
3
393 Views
Last Modified: 2013-11-16
Hi:  When you do a

show isakmp sa

you get something back like

73  IKE Peer: 111.222.111.222
    Type    : L2L             Role    : initiator
    Rekey   : no              State   : MM_ACTIVE

There is a clear isakmp sa command but it will clear ALL isakmp sessions.  Is there any way to clear just the one (#73) session in this case?

Thanks in advance
0
Comment
Question by:ort11
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 5

Accepted Solution

by:
renill earned 250 total points
ID: 16919357
clear ipsec sa

To clear IPSec SAs entirely or based on specified parameters, use the clear ipsec sa command in global configuration and privileged EXEC modes. You can also use an alternate form: clear crypto ipsec sa.

clear ipsec sa [counters | entry peer-addr protocol spi | peer peer-addr | map map-name]
Syntax Description
counters  (Optional) Clears all counters.
entry (Optional) Clears IPSec SAs for a specified IPSec peer, protocol and SPI.
map map-name (Optional) Clears IPSec SAs for the specified crypto map.
peer (Optional) Clears IPSec SAs for a specified peer.
peer-addr Specifies the IP address of an IPSec peer.
protocol Specifies an IPSec protocol: esp or ah.
spi Specifies an IPSec SPI.

clear ipsec sa peer-addr 111.222.111.222

check this out..
0
 
LVL 1

Author Comment

by:ort11
ID: 16942356
Cool, will check this out and get back.
0
 
LVL 1

Author Comment

by:ort11
ID: 16961279
clear ipsec sa peer 111.222.111.222

seems to work fine.  have to leave out the -addr

thanks
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question