1-39
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring IPsec and ISAKMP
Clearing Crypto Map Configurations
Clearing Crypto Map Configurations
The clear configure crypto command includes arguments that let you remove elements of the crypto
configuration, including IPsec, crypto maps, dynamic crypto maps, CA trustpoints, all certificates,
certificate map configurations, and ISAKMP.
Be aware that if you enter the clear configure crypto command without arguments, you remove the
entire crypto configuration, including all certificates.
For more information, see the clear configure crypto command in the Cisco ASA Series Command
Reference.
Supporting the Nokia VPN Client
The ASA supports connections from Nokia VPN clients on Nokia 92xx Communicator series phones
using the Challenge/Response for Authenticated Cryptographic Keys (CRACK) protocol. CRACK is
ideal for mobile IPsec-enabled clients that use legacy authentication techniques instead of digital
certificates. It provides mutual authentication when the client uses a legacy-based secret-key
authentication technique such as RADIUS and the gateway uses public-key authentication.
The Nokia back-end services must be in place to support both Nokia clients and the CRACK protocol.
This requirement includes the Nokia Security Services Manager (NSSM) and Nokia databases as shown
in Figure 1-5.
clear configure crypto isakmp policy Removes all ISAKMP policies or a specific policy.
clear crypto isakmp sa Removes the entire ISAKMP SA database.
Table 1-7 Commands to Clear and Reinitialize IPsec SAs (continued)
Command Purpose
To Next Page
Loading...
Need help?
General
