Comments on: Manage VPN tunnels smartly: forget vpn tu,enter the vpn shell http://yurisk.info/2008/09/23/manage-vpn-tunnels-smartly-forget-vpn-tuenter-the-vpn-shell/ Technical Blog about IT Security and Networking Tue, 27 Jul 2010 20:30:37 +0000 http://wordpress.org/?v=2.8.6 hourly 1 By: yurisk http://yurisk.info/2008/09/23/manage-vpn-tunnels-smartly-forget-vpn-tuenter-the-vpn-shell/comment-page-1/#comment-13 yurisk Thu, 17 Sep 2009 18:09:46 +0000 http://yurisk.wordpress.com/?p=34#comment-13 You're welcome, this command does exactly what clear crypto in cisco does - clears SAs and all the info in active VPN database. You’re welcome,
this command does exactly what clear crypto in cisco does – clears SAs and all the info in active
VPN database.

]]> By: Rick http://yurisk.info/2008/09/23/manage-vpn-tunnels-smartly-forget-vpn-tuenter-the-vpn-shell/comment-page-1/#comment-12 Rick Thu, 17 Sep 2009 07:27:45 +0000 http://yurisk.wordpress.com/?p=34#comment-12 Hi Yuri Thanks for your fast reply, I'm just used to clearing the tunnels at the cisco router using clear crypto sa Thanks again Rick Hi Yuri

Thanks for your fast reply, I’m just used to clearing the tunnels at the cisco router using clear crypto sa

Thanks again

Rick

]]> By: yurisk http://yurisk.info/2008/09/23/manage-vpn-tunnels-smartly-forget-vpn-tuenter-the-vpn-shell/comment-page-1/#comment-11 yurisk Wed, 16 Sep 2009 15:50:19 +0000 http://yurisk.wordpress.com/?p=34#comment-11 Yes, you are right - this will delete what is called Security Associations for the tunnel - that is delete active tunnel, not changing any configuration that is related to the tunnel. The moment any traffic matching VPN encryption/community rule will reach the firewall again , firewall will create new tunnel. No other commands are needed, just traffic that will use the VPN tunnel. Cheers Yuri Yes, you are right – this will delete what is called Security Associations for the tunnel – that is
delete active tunnel, not changing any configuration that is related to the tunnel. The moment any traffic
matching VPN encryption/community rule will reach the firewall again , firewall will create new tunnel.
No other commands are needed, just traffic that will use the VPN tunnel.
Cheers
Yuri

]]> By: Rick http://yurisk.info/2008/09/23/manage-vpn-tunnels-smartly-forget-vpn-tuenter-the-vpn-shell/comment-page-1/#comment-10 Rick Wed, 16 Sep 2009 14:52:43 +0000 http://yurisk.wordpress.com/?p=34#comment-10 Hi yurisk Thanks for the information. Not trying to sound to dumb, am I right in thinking that deleting the tunnel will just bring it down? What I’m trying to say is will the connection re-establish itself? Or do you have to issue anther command? Many thanks Rick Hi yurisk

Thanks for the information. Not trying to sound to dumb, am I right in thinking that deleting the tunnel will just bring it down? What I’m trying to say is will the connection re-establish itself? Or do you have to issue anther command?

Many thanks

Rick

]]>