Reset Ike Sa - HP 5120 SI series Command Reference Manual

Examples
# Configure the remote security gateway name as apple for IKE peer peer1.
<Sysname> system-view
[Sysname] ike peer peer1
[Sysname-ike-peer-peer1] remote-name apple

reset ike sa

Syntax
reset ike sa [ connection-id ]
View
User view
Default level
2: System level
Parameters
connection-id: Connection ID of the IKE SA to be cleared, in the range 1 to 2000000000.
Description
Use the reset ike sa command to clear IKE SAs.
If you do not specify a connection ID, the command clears all ISAKMP SAs.
When you clear a local IPsec SA, its ISAKMP SA can transmit the Delete message to notify the remote
end to delete the paired IPsec SA. If the ISAKMP SA has been cleared, the local end cannot notify the
remote end to clear the paired IPsec SA, and you must manually clear the remote IPsec SA.
Related commands: display ike sa.
Examples
# Clear an IPsec tunnel to 202.38.0.2.
<Sysname> display ike sa
total phase-1 SAs:
connection-id
----------------------------------------------------------
1
2
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD—FADING TO--TIMEOUT
<Sysname> reset ike sa 2
<Sysname> display ike sa
total phase-1 SAs:
connection-id
----------------------------------------------------------
1
flag meaning
RD--READY ST--STAYALIVE RL--REPLACED FD—FADING TO—TIMEOUT
1
peer flag
202.38.0.2 RD|ST
202.38.0.2 RD|ST
1
peer flag
202.38.0.2 RD|ST
373
phase doi
1 IPSEC
2 IPSEC
phase doi
1 IPSEC