Cannot deleted some command on ASA 5500?

Unanswered Question
Sep 26th, 2010
User Badges:

Dear All,

some command on ASA 5500 i cannot delete some command as below:

HQ(config)# no tunnel-group type ipsec-l2l
ERROR: % Invalid input detected at '^' marker.
HQ(config)# no tunnel-group              
ERROR: Use 'no tunnel-group webvpn-attributes' to remove all webvpn attributes before removing this tunnel-group. 'clear configure tunnel-group' can also be used to remove the tunnel-group.

but on my configuration i do VPN site to site!!!

How can i delete this command as above?

any way, i would like to delet some command as below but it still show on my ASA.

when i type "no crypto map Outside_map 3 set security-association lifetime seconds 28800" it don't have any error, it mean that the command allow but when i show run it still come up again, so how can i delete those command ?

crypto map Outside_map 3 set security-association lifetime seconds 28800
crypto map Outside_map 3 set security-association lifetime kilobytes 4608000

Best Regareds,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Jennifer Halim Sun, 09/26/2010 - 21:13
User Badges:
  • Cisco Employee,

You can remove the complete tunnel-group command for as follows:

clear configure tunnel-group

For the crypto map configuration, if you only have those 2 lines that sets the lifetime, you can remove it via the following:

clear configure crypto map Outside_map 3

Hope that helps.

rechard_david Mon, 09/27/2010 - 00:10
User Badges:

Dear Jennifer,

thanks you for you command !!!

I rate 5 point to you!!!


This Discussion