clear security ipsec security-associations
Syntax
clear security ipsec security-associations <family (inet | inet6)> <fpc slot-number> <index SA-index-number> <kmd-instance (all | kmd-instance-name)> <pic slot-number> <srg-id id-number> <ha-link-encryption>
Description
Clear information about IPsec security associations (SAs).
Options
none—Clear all IPsec SAs.
family—(Optional) Clear SAs by family.inet—IPv4 address family.inet6—IPv6 address family.
fpcslot-number—Specific to SRX Series devices. Clear information about existing IPsec SAs in this Flexible PIC Concentrator (FPC) slot.indexSA-index-number—(Optional) Clear the IPsec SA with this index number.kmd-instance—Specific to SRX Series devices. Clear information about existing IPsec SAs in the key management process (the daemon, which in this case is KMD) identified by FPCslot-numberand PICslot-number.all—All KMD instances running on the Services Processing Unit (SPU).kmd-instance-name—Name of the KMD instance running on the SPU.
picslot-number—Specific to SRX Series devices. Clear information about existing IPsec SAs in this PIC slot.ha-link-encryption—(Optional) Clear information about IPsec SAs for interchassis link tunnel only. See ipsec (High Availability). When you enable High Availability feature, you cannot delete customer tunnels on the backup node.-
srg-id—(Optional) Clear statistics related to a specific services redundancy group (SRG) in a Multinode High Availability setup..
Required Privilege Level
clear
Output Fields
This command produces no output.
Release Information
Command introduced in Junos OS Release
8.5. The fpc, pic, and kmd-instance options added in Junos OS Release 9.3. The family option
added in Junos OS Release 11.1.
Support for the ha-link-encryption option added in Junos OS Release 20.4R1.
Support for the srg-id option added in Junos OS Release 22.4R1.