6 flushing installed sa table – Allied Telesis AT-WR4500 User Manual

194

AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

RouterOS v3 Configuration and User Guide

Example

Sample printout looks as follows:

[admin@WiFi] ip ipsec> installed-sa print
Flags: A - AH, E - ESP, P - pfs
0 E spi=E727605 src-address=10.0.0.148 dst-address=10.0.0.147
auth-algorithm=sha1 enc-algorithm=3des replay=4 state=mature
auth-key="ecc5f4aee1b297739ec88e324d7cfb8594aa6c35"
enc-key="d6943b8ea582582e449bde085c9471ab0b209783c9eb4bbd"
addtime=jan/28/2003 20:55:12 add-lifetime=24m/30m
usetime=jan/28/2003 20:55:23 use-lifetime=0s/0s current-bytes=128
lifebytes=0/0

1 E spi=E15CEE06 src-address=10.0.0.147 dst-address=10.0.0.148
auth-algorithm=sha1 enc-algorithm=3des replay=4 state=mature
auth-key="8ac9dc7ecebfed9cd1030ae3b07b32e8e5cb98af"
enc-key="8a8073a7afd0f74518c10438a0023e64cc660ed69845ca3c"
addtime=jan/28/2003 20:55:12 add-lifetime=24m/30m
usetime=jan/28/2003 20:55:12 use-lifetime=0s/0s current-bytes=512
lifebytes=0/0
[admin@WiFi] ip ipsec>

8.8.6

Flushing Installed SA Table

Command name: /ip ipsec installed-sa flush

Description

Sometimes after incorrect/incomplete negotiations took place, it is required to flush manually the installed
SA table so that SA could be renegotiated. This option is provided by the flush command.

Property Description

sa-type (multiple choice: ah | all | esp; default: all) - specifies SA types to flush
ah - delete AH protocol SAs only
esp - delete ESP protocol SAs only
all - delete both ESP and AH protocols SAs