Use this command to delete IKE or IPsec Security Associations (SAs).

Command Syntax

% request addressContext <addressContext_name> ipsec 
   ikeSaDelete saIndex <SA index>
   ikeSaDeleteAll
   ipsecSaDelete localSPI <local SPI>

Command Parameters

IPsec/IKE SA Delete Parameters

Parameter

Description

ikeSaDelete

<SA index> – Enter the SA index to delete a specific IKE SA and its IPsec SAs.

ikeSaDeleteAll

Use this parameter to delete ALL IKE and IPsec SAs.

  • For IKEv1, this is an ungraceful delete message (peer is not notified).
  • For IKEv2, a tear-down message is sent to the peer.

ipsecSaDelete localSPI

<local SPI> – Enter the local SPI to delete the IPsec SA pair (local_SPI: incoming Security Parameter Index value).


Note

This command supports the deletion of IKE IPsec SAs only. You cannot delete IPsec SAs created during IMS AKA registration using this command.


  • No labels