01-18-2021 10:25 PM
Hello All:
My platform:
Cisco IOS XE Software, Version 16.12.04
Cisco IOS Software [Gibraltar], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.4, RELEASE SOFTWARE (fc5)
cisco ISR4431/K9 (1RU) processor with 1694893K/6147K bytes of memory.
Processor board ID FGL2404LMN6
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
6598655K bytes of flash memory at bootflash:.
ok, check this out:
CCrouter#sh crypto session br | grep CORS23
117.234.102.74 Gi0/0/0 CORS23 03:16:58 UA
132.154.30.79 Gi0/0/0 CORS23 3w6d DN
I have tried the following on the DN SA:
clear crypto session remote 132.154.30.79
clear crypto ikev2 sa remote 132.154.30.79
and:
clear crypto ikev2 sa
And it just won't go away.
I have a second one that is a week old that is doing exactly the same thing.
I do I get the Cisco to dump that old SA?
The remote routers are Digi WR21 units.
Cheers,
john
01-18-2021 11:24 PM
01-19-2021 12:53 AM
If the Digi disappears, the SA remains.
The new Digi SA disappears but that old one remains.
I have another site doing the same thing.
Cheers,
john
01-19-2021 01:57 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: