ISAKMP
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Clearing Crypto Map Configurations<br />
Chapter 29<br />
Configuring IPsec and <strong>ISAKMP</strong><br />
Table 29-6<br />
Commands to Clear and Reinitialize IPsec SAs (continued)<br />
Command<br />
clear configure crypto map<br />
clear configure crypto isakmp<br />
clear configure crypto isakmp policy<br />
clear crypto isakmp sa<br />
Purpose<br />
Removes all crypto maps. Includes keywords that let you<br />
remove specific crypto maps.<br />
Removes the entire <strong>ISAKMP</strong> configuration.<br />
Removes all <strong>ISAKMP</strong> policies or a specific policy.<br />
Removes the entire <strong>ISAKMP</strong> SA database.<br />
Clearing Crypto Map Configurations<br />
The clear configure crypto command includes arguments that let you remove elements of the crypto<br />
configuration, including IPsec, crypto maps, dynamic crypto maps, CA trustpoints, all certificates,<br />
certificate map configurations, and <strong>ISAKMP</strong>.<br />
Be aware that if you enter the clear configure crypto command without arguments, you remove the<br />
entire crypto configuration, including all certificates.<br />
For more information, see the clear configure crypto command in the Cisco Security Appliance<br />
Command Reference.<br />
Supporting the Nokia VPN Client<br />
The security appliance supports connections from Nokia VPN Clients on Nokia 92xx Communicator<br />
series phones using the Challenge/Response for Authenticated Cryptographic Keys (CRACK) protocol.<br />
CRACK is ideal for mobile IPsec-enabled clients that use legacy authentication techniques instead of<br />
digital certificates. It provides mutual authentication when the client uses a legacy based secret-key<br />
authentication technique such as RADIUS and the gateway uses public-key authentication.<br />
The Nokia back-end services must be in place to support both Nokia clients and the CRACK protocol.<br />
This requirement includes the Nokia Security Services Manager (NSSM) and Nokia databases as shown<br />
in Figure 29-5.<br />
29-28<br />
Cisco Security Appliance Command Line Configuration Guide<br />
OL-12172-04