Clear crypto ipsec sa – ADTRAN 5000 Series User Manual

Command Reference Guide

Enable Mode Command Set

61200990L1-35E

Copyright © 2005 ADTRAN

45

clear crypto ipsec sa

Use the clear crypto ipsec sa command to clear existing IPSec security associations (SAs), including
active ones.

Variations of this command include the following:

clear crypto ipsec sa

clear crypto ipsec sa entry ah

clear crypto ipsec sa entry esp

clear crypto ipsec sa map

clear crypto ipsec sa peer

Syntax Description

entry

Clears only the SAs related to a certain destination IP address.

ah

Clears only a portion of the SAs by specifying the authentication header (AH)
protocol and a security parameter index (SPI). You can determine the correct SPI
value using the show crypto ipsec sa command.

esp

Clears only a portion of the SAs by specifying the encapsulating security payload
(ESP) protocol and an SPI. You can determine the correct SPI value using the
show crypto ipsec sa command.

map

Clears only the SAs associated with the crypto map name given.

peer

Clears only the SAs associated with the far-end peer IP address given.

Default Values

No default value necessary for this command.

Applicable Platforms

This command applies to the NetVanta 300, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900
Series units.

Command History

Release 4.1

Command was introduced.