Support User Manuals

Enterasys Networks XSR CLI Router User Manual

Open as PDF

of 684

IKE Security Protocol Commands

14-94 Configuring the VPN

ThefollowingissampleoutputfromthecommandwhentheCAsupportsanRA.Inthisexample,

CAandRAcertificateswererequestedearlierby the

crypto ca authenticatecommand.

XSR>show crypto ca certificates

CA Certificate

Status: Available

Certificate Serial Number: 3051DF7123BEE31B8341DFE4B3A338E5F

Key Usage: Not Set

RA Signature Certificate

Status: Available

Certificate Serial Number: 34BCF8A0

Key Usage: Signature

RA KeyEncipher Certificate

Status: Available

Certificate Serial Number: 34BCF89F

Key Usage: Encryption

IKE Security Protocol Commands

ThefollowingcommandsconfiguretheInternetKeyExchange(IKE)SecurityProtocolontheXSR.

clear crypto isakmp

ThiscommandclearsoneorallactiveInternetKeyExchangeconnections.

Syntax

clear crypto isakmp [connection-id]

Mode

PrivilegedEXEC:XSR#

Example

ThefollowingoutputshowsanIKEconnectionbetweentwopeersconnectedbyinterfaces

172.21.114.123and172.21.114.67:

XSR#show crypto isakmp sa

Connection-ID

State Source Destination Lifetime

1 QM_IDLE 172.21.114.67 172.21.114.123 2000

8 QM_IDLE 155.0.0.1 155.0.0.2 4000

ThefollowingexampleclearsIKEconnection8:

XSR#clear crypto isakmp 8

connection-id

Setswhichconnectiontoclear.Ifthisargumentisnotused,allexisting

linkswillbecleared.

previous next