In this section:

Use this command to initiate a delete action on an IP Security configuration object.

Command Syntax

% request addressContext <addressContext_name> ipsec 
   ikeSaDelete saIndex <SA index>
   ikeSaDeleteAll
   ipsecSaDelete localSPI <local SPI>

Command Parameters

Parameter

Description

ikeSaDelete saIndex

<SA index> – Enter the SA index to delete a specific IKE SA and its IPsec SAs.

ikeSaDeleteAll

Use this parameter to delete ALL IKE and IPsec SAs.

  • For IKEv1, this is an ungraceful delete message (peer is not notified).
  • For IKEv2, a tear-down message is sent to the peer.

ipsecSaDelete localSPI

<local SPI> – Enter the local SPI to delete the IPsec SA pair (local_SPI: incoming Security Parameter Index value).

This command supports the deletion of IKE IPsec SAs only. You cannot delete IPsec SAs created during IMS AKA registration using this command.

Command Example

 The following command deletes all entries from the IKE SA list for SA Index 13:

request addressContext default ipsec ikeSaDelete saIndex 13
 
When prompted, enter 'y' to continue: 
This command will delete entry from the IKE SA list. Do you want to continue (yes/no) yes