1. Home
  2. Cisco Systems
  3. VPN connections

VPN connections

I have a PIX506 E in HQ - we have 20 Remote locations - when one drops it's connection and cycling out the remote VPN device ( Symantec VPN device ) is not an option as it takes 30 minutes for it come up with a new Key. We currently have to do a clear isakmp sa and clear ipsec sa on the Cisco PIX device in HQ to get things running again for that 1 remote location. Of course doing those commands drops EVERY connection and everyone is out of luck for 2-3 minutes while everyone connects again. My question - Is there a command to just kill the one Bad VPN connection , could I use the conn-id ? HELP please

Paul

Reply to
Paul
Loading thread data ...

In article , Paul wrote: :I have a PIX506 E in HQ - we have 20 Remote locations - when one drops it's :connection and cycling out the remote VPN device ( Symantec VPN device ) is :not an option as it takes 30 minutes for it come up with a new Key. We :currently have to do a clear isakmp sa and clear ipsec sa on the Cisco PIX :device in HQ to get things running again for that 1 remote location. Of :course doing those commands drops EVERY connection and everyone is out of :luck for 2-3 minutes while everyone connects again. My question - Is there a :command to just kill the one Bad VPN connection , could I use the conn-id ? :HELP please

clear ipsec sa peer ADDRESS

I believe there is also a way to do it by ID, but I do not recall the syntax off-hand.

Reply to
Walter Roberson

THANK YOU !!!

Reply to
Paul

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.