Command Reference Guide Enable Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 47
clear crypto ipsec sa
Use the clear crypto ipsec sa command to clear existing IPSec security associations (SAs), including
active ones.
Variations of this command include the following:
clear crypto ipsec sa
clear crypto ipsec sa entry <ip address> ah <SPI>
clear crypto ipsec sa entry <ip address> esp <SPI>
clear crypto ipsec sa map <map name>
clear crypto ipsec sa peer <ip address>
Syntax Description
entry
<ip address>
Clears only the SAs related to a certain destination IP address.
ah
<SPI>
Clears only a portion of the SAs by specifying the authentication header (AH)
protocol and a security parameter index (SPI). You can determine the correct SPI
value using the show crypto ipsec sa command.
esp
<SPI>
Clears only a portion of the SAs by specifying the encapsulating security payload
(ESP) protocol and an SPI. You can determine the correct SPI value using the
show crypto ipsec sa command.
map
<map name>
Clears only the SAs associated with the crypto map name given.
peer
<ip address>
Clears only the SAs associated with the far-end peer IP address given.
Default Values
No default value necessary for this command.
Applicable Platforms
This command applies to the NetVanta 300, 1000R, 2000, 3000, 4000, and 5000 and Total Access 900
Series units.
Command History
Release 4.1 Command was introduced.