Command introduced before JUNOS Release 7.4.
(Encryption interface on M Series and T Series routers only) Clear information about the current IP Security (IPSec) security association. This command is valid for dynamic security associations only. When this command is issued, a new security association is created.
none — Clear all IPSec security associations.
sa-name — (Optional) Clear the specified security association.
view
show ipsec security-associations
See the show ipsec security-associations for an explanation of output fields.
clear ipsec security-associations
The following output from the show ipsec security-associations detail command is displayed before and after the clear ipsec security-associations command is issued:
user@host> show ipsec security-associations
detail Security association: sa-dynamic, Interface family: Up Direction: inbound, SPI: 242379418, State: Installed Mode: tunnel, Type: dynamic Protocol: ESP, Authentication: hmac-md5-96, Encryption: None Soft lifetime: Expires in 22979 seconds Hard lifetime: Expires in 28739 seconds Direction: outbound, SPI: 368592771, State: Installed Mode: tunnel, Type: dynamic Protocol: ESP, Authentication: hmac-md5-96, Encryption: None Soft lifetime: Expires in 22979 seconds Hard lifetime: Expires in 28739 seconds
user@host> clear ipsec security-associationsuser@host> show ipsec security-associations
detailSecurity association: sa-dynamic, Interface family: Up Direction: inbound, SPI: 1031597683, State: Installed Mode: tunnel, Type: dynamic Protocol: ESP, Authentication: hmac-md5-96, Encryption: None Soft lifetime: Expires in 23037 seconds Hard lifetime: Expires in 28797 seconds Direction: outbound, SPI: 1618419878, State: Installed Mode: tunnel, Type: dynamic Protocol: ESP, Authentication: hmac-md5-96, Encryption: None Soft lifetime: Expires in 23037 seconds Hard lifetime: Expires in 28797 seconds