Reset Encrypt-Card Sa All - 3Com 3C13618 Command Reference Manual

If set up in manual mode, an SA can only use one proposal set. And if a proposal set
is already set, it needs to be deleted before a new one can be set.
If set up in isakmp mode, an SA can use six proposal sets at maximum. IKE
negotiation will display for the complete matching proposal set at both ends of the
security tunnel. If it fails to find such a proposal set, then the SA can not be set up,
and the packets need to be protected will be dropped.
An IPSec policy defines the adopted protocol, algorithm and encapsulation mode
through the proposal set. Before a proposal set is used, this mode must be already
set up.
The proposal sets at both ends of the security tunnel must be set as having the same
protocol, algorithm and encapsulation mode.
Example
# Configure a proposal set whose name is trans1, adopting ESP and the default
algorithm. And set an IPSec policy as using a proposal set whose name is trans1.
[3Com]ipsec proposal trans1
[3Com-ipsec-proposal-trans1]transform esp-new
[3Com]ipsec policy xian 100 manual
[3Com-ipsec-policy-xian-100] proposal trans1

4.1.32 reset encrypt-card sa all

Syntax
reset encrypt-card sa all [ slot-id ]
View
All views
Parameter
slot-id: The ID of the slot where the crypto card is located, with the range determined
by the slot numbers of the router. All crypto cards will be operated if this value is not
input.
Description
Using the reset encrypt-card sa all command, you can cancel all the security
associations on the specified crypto card.
This command is applicable to crypto card.
Security
75