Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to Kill a site-to-site or remote access VPN session in PIX

I been searching around the command to stop or terminate a tunnel instead of reload the unit. Anyone can advice me how to procees abt this?

Thank you very much.

2 REPLIES

Re: How to Kill a site-to-site or remote access VPN session in P

Hi .. I hope it heps .. please rate if it does !!!

If the PIX Firewall is processing active IPSec traffic, we recommend that you only clear the portion of

the security association database that is affected by the changes to avoid causing active IPSec traffic to

temporarily fail.

The clear [crypto] ipsec sa command only clears IPSec security associations; to clear IKE security

associations, use the clear [crypto] isakmp sa command.

The following example clears (and reinitializes if appropriate) all IPSec security associations at the

PIX Firewall:

clear crypto ipsec sa

The following example clears (and reinitializes if appropriate) the inbound and outbound IPSec security

associations established along with the security association established for address 10.0.0.1 using the

AH protocol with the SPI of 256:

clear crypto ipsec sa entry 10.0.0.1 AH 256

New Member

Re: How to Kill a site-to-site or remote access VPN session in P

Thanks you for the advice. Got it now. Appreciate that.

1279
Views
4
Helpful
2
Replies