Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

clear security ike security-associations

Syntax

Description

Clear information about the current Internet Key Exchange security associations (IKE SAs). For IKEv2, the device clears the information about the IKE SAs and the associated IPSec SA.

Options

  • none—Clear all IKE SAs.

  • peer-address —(Optional) Clear IKE SAs for the destination peer at this IP address.

  • family—(Optional) Clear IKE SAs by family.

    • inet—IPv4 address family.

    • inet6—IPv6 address family.

  • fpc slot-number —Specific to SRX Series Firewalls. Clear information about existing IKE SAs in this Flexible PIC Concentrator (FPC) slot.

  • index SA-index-number —(Optional) Clear the IKE SA with this index number.

  • kmd-instance—Clear information about existing IKE SAs in the key management process (the daemon, which in this case is KMD) identified by FPC slot-number and PIC slot-number. Specific to SRX Series Firewalls.

    • all—All KMD instances running on the Services Processing Unit (SPU).

    • kmd-instance-name—Name of the KMD instance running on the SPU.

  • node-local—(Optional) Clear information about IKE SAs for node-local tunnels in a Multinode High Availability setup.

  • pic slot-number —Clear information about existing IKE SAs in this PIC slot. Specific to SRX Series Firewalls.

  • port port-number—(Optional) Port number of SA (1 through 65,535).

  • sa-type shortcut—(Optional) It's applicable for ADVPN. Clear information about IKE SAs by type shortcut.

  • ha-link-encryption—(Optional) Clear information about the current IKE SAs for high availability (HA) link tunnel only. When you enable High Availability feature, you cannot delete customer tunnels on the backup node.

  • srg-id—(Optional) Clear information related to a specific services redundancy group (SRG) in a Multinode High Availability setup.

Required Privilege Level

clear

Output Fields

This command produces no output.

Release Information

Command introduced in Junos OS Release 8.5. The fpc, pic, and kmd-instance options added in Junos OS Release 9.3. The port option added in Junos OS Release 10.0. The family option added in Junos OS Release 11.1.

Support for the ha-link-encryption option added in Junos OS Release 20.4R1.

Support for the srg-id option added in Junos OS Release 22.4R1.

Support for the node-local option added in Junos OS Release 23.2R1.

Related Documentation