Cisco CCNA (640-553) Security Exam Training – Using the “Clear Crypto Isakmp” Command

In today’s article, I’m going to tell you about the Cisco IOS privileged EXEC mode command named “clear crypto isakmp.” CCNAs (like you) use this command to clear active Internet Key Exchange (IKE) connections.

connection-id – This (optional) argument is the ID of the connection that is to be cleared. If this argument is not used with the command, all existing connections will be cleared by default.

active – This (optional) keyword is used to only clear (remove) IKE security associations (SAs) that are in the active state.

standby – And, this (optional) keyword is used to only clear IKE SAs that are in the standby (secondary) state. Remember, if the router is in standby mode, the router will immediately resynchronize the standby SAs; thus, it may appear as if the standby SAs were not cleared.     

In the example below, all existing IKE connections are being cleared:     

You can use the privileged EXEC mode command named “show crypto isakmp sa” to display (view) current IKE SAs.
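An added illustration, not part of the original article, of clearing one IKE connection by its connection-id and then all remaining ones, checking the result with “show crypto isakmp sa” each time. The hostname, addresses and connection IDs are constructed, and the output column layout is an assumption that varies by IOS release.

```text
! Constructed session: hostname, addresses (documentation ranges) and
! connection IDs are made up; column layout varies by IOS release.
Router# show crypto isakmp sa
dst             src             state          conn-id slot status
198.51.100.2    192.0.2.1       QM_IDLE              1    0 ACTIVE
203.0.113.2     192.0.2.1       QM_IDLE              2    0 ACTIVE

! Clear only the IKE connection whose conn-id is 1
Router# clear crypto isakmp 1
Router# show crypto isakmp sa
dst             src             state          conn-id slot status
203.0.113.2     192.0.2.1       QM_IDLE              2    0 ACTIVE

! No connection-id given: every remaining IKE connection is cleared
Router# clear crypto isakmp
Router# show crypto isakmp sa
dst             src             state          conn-id slot status
```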

And, if you decide to use the command, make sure your router(s) is running Cisco IOS 12.3(11)T or higher.  

I hope this article was very informative and helped you quickly understand the usage of the clear crypto isakmp command. If you need to learn more, I suggest you visit my website, where you’ll find the latest information regarding the Cisco CCNA (640-553) Security exam techniques to help you make your day a little brighter.
