Nominated Discussion: Bring down IPsec tunnel manually

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Community Team Member
No ratings

This Nominated Discussion Article is based on the post "Bring Down IPsec Tunnel Manually" by @j.nepomuceno and responded to by @TomYoung and @Raido_Rattameister . Read on to see the discussion and solution!

 

 

I am troubleshooting an issue where I need to bring down the IPsec tunnel manually, what is the best way to do this in GUI or CLI?

Thanks

 

Depending on whether you want to bounce the tunnel or actually disable it, you have different options.

 

The following CLI commands will tear down the VPN tunnel (phase1 & phase2 respectively):

  • Phase 1
    > clear vpn ike-sa gateway <gw-name>​
  • Phase 2
    > clear vpn ipsec-sa tunnel <tunnel-name>​

 

Follow these steps to clear (bounce) a tunnel using the GUI:

  • Phase 1
    • Goto Network > IPsec tunnels and select your tunnel
    • Click IKE-Info
    • At the bottom, click the action you want (Refresh or Restart)
      kiwi_0-1678370189717.png

       

  • Phase 2
    • Goto Network > IPsec tunnels and select your tunnel
    • Click Tunnel-Info
    • At the bottom, click the action you want (Refresh or Restart)
      kiwi_1-1678370393811.png

       

Instead of bouncing, you can also choose to disable/enable IKE gateways or IPsec tunnels.

 

  • Enable/Disable an IKE Gateway
    • Go to Network
       > Network Profiles > IKE Gateways and select the gateway in question.
       
    • Click Enable/Disable at the bottom of the screen
      kiwi_2-1678370792561.png

       

  • Enable/Disable an IPsec tunnel
    • Go to Network
       > IPSec Tunnels and select the tunnel in question
    • Click Enable/Disable at the bottom of the screen
      kiwi_3-1678371019353.png

       

For more information:

Rate this article:
  • 4408 Views
  • 0 comments
  • 2 Likes
Register or Sign-in
Labels
Article Dashboard
Version history
Last Updated:
‎11-04-2024 05:40 PM
Updated by: