Cannot deleted some command on ASA 5500?

rechard_david · ‎09-26-2010

Dear All,

some command on ASA 5500 i cannot delete some command as below:

HQ(config)# no tunnel-group 203.189.134.71 type ipsec-l2l
^
ERROR: % Invalid input detected at '^' marker.
HQ(config)# no tunnel-group 203.189.134.71
ERROR: Use 'no tunnel-group 203.189.134.71 webvpn-attributes' to remove all webvpn attributes before removing this tunnel-group. 'clear configure tunnel-group 203.189.134.71' can also be used to remove the tunnel-group.

but on my configuration i do VPN site to site!!!

How can i delete this command as above?

any way, i would like to delet some command as below but it still show on my ASA.

when i type "no crypto map Outside_map 3 set security-association lifetime seconds 28800" it don't have any error, it mean that the command allow but when i show run it still come up again, so how can i delete those command ?

crypto map Outside_map 3 set security-association lifetime seconds 28800
crypto map Outside_map 3 set security-association lifetime kilobytes 4608000

Best Regareds,

Rechard

Jennifer Halim · ‎09-26-2010

You can remove the complete tunnel-group command for 203.189.134.71 as follows:

clear configure tunnel-group 203.189.134.71

For the crypto map configuration, if you only have those 2 lines that sets the lifetime, you can remove it via the following:

clear configure crypto map Outside_map 3

Hope that helps.

rechard_david · ‎09-27-2010

Dear Jennifer,

thanks you for you command !!!

I rate 5 point to you!!!

Jennifer Halim · ‎09-27-2010

Thanks Rechard. Much appreciated.