Cisco IOS XE Software, Version 16.12.04
Cisco IOS Software [Gibraltar], ISR Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.4, RELEASE SOFTWARE (fc5)
cisco ISR4431/K9 (1RU) processor with 1694893K/6147K bytes of memory.
Processor board ID FGL2404LMN6
4 Gigabit Ethernet interfaces
32768K bytes of non-volatile configuration memory.
4194304K bytes of physical memory.
6598655K bytes of flash memory at bootflash:.
ok, check this out:
CCrouter#sh crypto session br | grep CORS23
220.127.116.11 Gi0/0/0 CORS23 03:16:58 UA
18.104.22.168 Gi0/0/0 CORS23 3w6d DN
I have tried the following on the DN SA:
clear crypto session remote 22.214.171.124
clear crypto ikev2 sa remote 126.96.36.199
clear crypto ikev2 sa
And it just won't go away.
I have a second one that is a week old that is doing exactly the same thing.
I do I get the Cisco to dump that old SA?
The remote routers are Digi WR21 units.