10-29-2009 08:14 AM - edited 03-11-2019 09:34 AM
Is it possible to clear individual tunnels without bringing them all down? I've seen the clear crypt ips sa & cl crypt isa sa, but that's global. Is there something that I can do to pinpoint individual tunnels to kill?
Thanks!
Solved! Go to Solution.
10-29-2009 08:14 AM
If its an ASA, you can also teardown specific tunnels using their index numbers.
To get the index number do "show vpn-sessiondb <(l2l,remote,svc,webvpn)>" command
To log it off do "vpn-sessiondb logoff index " command
-heather
View solution in original post
11-05-2009 08:39 AM
Hi mate,
You can do it by peer using:
clear crypto ipsec sa peer
Hope that helps!
Anthony
11-05-2009 08:57 AM
Thats phase2, how about phase1?
11-05-2009 09:34 AM
I'm not aware of a command that will let you specify for just phase 1 of a peer.
clear crypto session remote will reset phase 1 and 2 though
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide
Log in to Community
