[x]

IKE configuration commands > reset ike sa

 

 Next

reset ike sa

Syntax

reset ike sa [ connection-id ]

View

User view

Default level

2: System level

Parameters

connection-id: Connection ID of the IKE SA to be cleared, in the range 1 to 2000000000.

Description

Use the reset ike sa command to clear IKE SAs.

If you do not specify a connection ID, the command clears all ISAKMP SAs.

When you clear a local IPsec SA, its ISAKMP SA can transmit the Delete message to notify the remote end to delete the paired IPsec SA. If the ISAKMP SA has been cleared, the local end cannot notify the remote end to clear the paired IPsec SA, and you must manually clear the remote IPsec SA.

Related commands: display ike sa.

Examples

# Clear an IPsec tunnel to 202.38.0.2.

<Sysname> display ike sa
    total phase-1 SAs:  1
    connection-id  peer            flag        phase   doi
  ----------------------------------------------------------
      1            202.38.0.2      RD|ST       1       IPSEC
      2            202.38.0.2      RD|ST       2       IPSEC
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD—FADING TO--TIMEOUT
<Sysname> reset ike sa 2
<Sysname> display ike sa
    total phase-1 SAs:  1
    connection-id  peer            flag        phase   doi
  ----------------------------------------------------------
      1            202.38.0.2      RD|ST       1       IPSEC
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD—FADING TO—TIMEOUT

prev

 

up

 next

remote-name 

home

 sa duration

© Copyright 2016 Hewlett Packard Enterprise Development LP