Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remove Crypto map in Cisco ASA 1

Status
Not open for further replies.
angktwap

angktwap

Technical User
Apr 21, 2002
154
SG
Hi,

I could not remove the crypto map entry in my Cisco ASA. I have tried to input 'no' in front in front of the command but these line still exist in the configuration.


crypto map AABB 8 set security-association lifetime seconds 28800
crypto map AABB 8 set security-association lifetime kilobytes 4608000

Could someone help me on this?

Thanks in advance!!!
 
Sort by date Sort by votes
put a 'no' in front of this line:
crypto ipsec transform-set WHATEVER esp-3des esp-md5-hmac

you are trying to remove default settings for a transform set
 
Upvote 0 Downvote
I have another line in the config.

crypto map aabb 8 .....

Is the crypto map-name case sensitive?

 
Upvote 0 Downvote
what do you want to do? post a complete scrubbed config
 
Upvote 0 Downvote
Hi,

Thanks for the reply. I am trying to remove these 2 lines from my config which I keyed in by miatake.

All the crypto map should be 'aabb' instead of 'AABB'

my config:
crypto ipsec transform-set C esp-3des esp-md5-hmac
crypto ipsec transform-set D esp-aes-256 esp-md5-hmac
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000

crypto map aabb 4 match address VPN_D
crypto map aabb 4 set pfs
crypto map aabb 4 set peer xxxxxxx
crypto map aabb 4 set transform-set C D
crypto map aabb 4 set security-association lifetime seconds 3600
crypto map aabb 4 set security-association lifetime kilobytes 4608000
crypto map aabb 6 match address VPN_F
crypto map aabb 6 set peer xxxxxxx
crypto map aabb 6 set transform-set C
crypto map aabb 6 set security-association lifetime seconds 3600
crypto map aabb 6 set security-association lifetime kilobytes 4608000
crypto map aabb 7 match address VPN_G
crypto map aabb 7 set pfs
crypto map aabb 7 set peer xxxxxxx
crypto map aabb 7 set transform-set D
crypto map aabb 7 set security-association lifetime seconds 3600
crypto map aabb 7 set security-association lifetime kilobytes 4608000
crypto map aabb 8 match address VPN_H
crypto map aabb 8 set pfs
crypto map aabb 8 set peer xxxxxxx
crypto map aabb 8 set transform-set D
crypto map aabb 8 set security-association lifetime seconds 3600
crypto map aabb 8 set security-association lifetime kilobytes 4608000
crypto map aabb 999 ipsec-isakmp dynamic dynamic-remote-access
crypto map aabb interface outside

crypto map AABB 8 set security-association lifetime seconds 28800
crypto map AABB 8 set security-association lifetime kilobytes 4608000



Thanks
 
Upvote 0 Downvote


Use

clear configure crypto map AABB


That should work. Be careful with the clear configure command.
If you type clear configure with no argument it perhaps will clear your entire configuration.

For instance if I wanted to erase a specific tunnel-group I would type clear configure tunnel-g vpn1
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
580
intel233
intel233
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
314
AllenH12
AllenH12
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
624
intel233
intel233
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
159
WhosYourDiffie
WhosYourDiffie
PauS0n
  • Locked
  • Question
Need Help On Cisco ASA 5512 Running Version 9
Replies
0
Views
159
PauS0n
PauS0n

Part and Inventory Search

Sponsor

Back
Top