I would probably personally use the above suggested way.
I am not sure why you would want to do what you describe.
I guess if you wanted other options you could consider some of the following options
VPN Filter / interface ACL
With this option you could stop traffic from leaving from your network to the L2L VPN connection or traffic coming from the L2L VPN from going through your firewall. Naturally this would not help much if you option was to keep the VPN connection itself down completely
Time Based ACL
You could probably use ACL statements that use a time range if your aim was to control traffic flow during some hours of the day. I have not used these type of ACLs that much myself so I am not sure if they are convinient in your setup.
I was also wondering if setting the L2L VPN connection in the "crypto map" configurations as "originate-only" would give you any options of keeping the L2L VPN down until you want to bring it up. Again a command that I have not had to use myself.
I guess how you should do this depends on the actual situation and reason you are wanting to do this.
The above suggested way is very simple. Though you should backup your "crypto map" configurations before removing anything so you can keep a track where you need to add the peer IP again when you want it working.
If the VPN can be up but you want to limit traffic then an ACL statement that you would activate and make inactive might also be a solution.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...