Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
468
Views
0
Helpful
0
Replies

'Clear cryto SA peer' appearing in Router Log need clarification

pci_net
Level 1
Level 1

‎08-25-2021 01:57 AM

Hi all,

 

I have below command in my router log:

 

clear crypto sa peer xxx.xxx.xxx.xxx 

 

The full log statement is below:

 

ISAKMP_MANUAL_DELETE: IKE SA manually deleted. Do 'clear crypto sa peer xxx.xxx.xxx.xxx' to manually clear IPSec SA's covered by this IKE SA.

 

I have checked this peer xxx.xxx.xxx.xxx is the IP of the tunnel destination of one of my configured tunnel in my router. 

 

However, nobody has log into my router to issue this command. My questions now:

 

1. Why the log of my router appering this command which apparently no body has logged in the router and issue the command?

 

2. Is it possible that someone at my tunnel neighbor router which is with this IP xxx.xxx.xxx.xxx issued certain "related" commands so that my router can appear this 'clear crypto sa peer xxx.xxx.xxx.xxx'?

 

I am in the process of analyzing this problem. This log puzzles me a lot and I am suspecting is it this log appearing in my router is because of the related command was issued by my peer or neighbour router.

 

Please help to provide your opinion and suggestion. Thanks!

 

regards,

tangsuan

 

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents