Use this command to delete IKE Security Associations (SAs).

Command Syntax

% request addressContext <addressContext_name> ipsec 
   ikeSaDelete saIndex <SA index>
   ikeSaDeleteAll
   ipsecSaDelete localSPI

Command Parameters

IPsec SA Delete Parameters

Parameter

Description

ikeSaDelete <SA_index>

Enter SA index to delete a specific IKE SA and its IPsec SAs.

ikeSaDeleteAll

Use this parameter to delete ALL IKE and IPsec SAs.

  • For IKEv1, this is an ungraceful delete message (peer is not notified).
  • For IKEv2, a tear-down message is sent to the peer.

ipsecSaDelete localSPI <local_SPI>

Enter local SPI to delete the IPsec SA pair (local_SPI: incoming Security Parameter Index value).

 

  • No labels