11-12-2019 07:08 AM
Hello,
Can you please help me understand the difference between the commands:
clear crypto sa
&
clear crypto session
I understand that clear crypto sa will clear all SA's (phase 1 and phase 2) for a specific peer if you choose. I am understanding that clear crypto session will do that same thing. What is the difference?
11-12-2019 07:38 AM
Hi,
I assume you are referring to a Cisco IOS router rather than an ASA?
"clear crypto session" would clear IKEv1 (isakmp)/IKEv2 and IPSec SAs
"clear crypto sa" would clear only the IPSec SAs
To clear just IKEv1 (isakmp) or IKEv2 SAs, you can use the commands:- "clear crypto isakmp" or "clear crypto ikev2 sa"
HTH
11-12-2019 10:57 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide