Is it possible to clear individual tunnels without bringing them all down? I've seen the clear crypt ips sa & cl crypt isa sa, but that's global. Is there something that I can do to pinpoint individual tunnels to kill?
If its an ASA, you can also teardown specific tunnels using their index numbers.
To get the index number do "show vpn-sessiondb <(l2l,remote,svc,webvpn)>" command
To log it off do "vpn-sessiondb logoff index " command