no (crypto-map-ipsec-isakmp)

Removes or reverts the auto site-to-site VPN tunnel or remote VPN client settings

Supported on the following devices:

Access Points: AP3000/X, AP5010, AP310i/e, AP410i/e, AP505i, AP510i, AP510e, AP560i, AP6522, AP6562, AP7161, AP7502, AP7522, AP7532, AP7562, AP7602, AP7612, AP7622, AP763, AP7662, AP8163, AP8543, AP8533.
Service Platforms: NX5500, NX7500, NX9500, NX9600
Virtual Platforms: CX9000, VX9000

Syntax

no [ip|local-endpoint-ip|modeconfig|peer|pfs|remote-type|security-association|transform-set|use]

Parameters

no <PARAMETERS>


no <PARAMETERS>	Removes or resets this auto site-to-site/remote VPN settings based on the parameters passed

Example

The following example shows the IPSec site-to-site VPN tunnel ‘test‘ settings before the ‘no‘ commands are executed:

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#show context
 crypto map test 1 ipsec-isakmp
  use ip-access-list test
  security-association level perhost
  peer 1 ikev2 ikev2Peer1
  local-endpoint-ip 192.168.13.10
  pfs 5
  security-association lifetime kilobytes 250000
  security-association inactivity-timeout 200
  transform-set AutVPN
  ip nat crypto
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#no use ip-access-list
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#no security-association level perhost
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#no ip nat crypto
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#no pfs
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#no local-endpoint-ip

The following example shows the IPSec site-to-site VPN tunnel ‘test‘ settings after the ‘no‘ commands are executed:

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#show context
 crypto map test 1 ipsec-isakmp
  peer 1 ikev2 ikev2Peer1
  security-association lifetime kilobytes 250000
  security-association inactivity-timeout 200
  transform-set AutoVPN
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#1)#

The following example shows the IPSec remote VPN client ‘test‘ settings before the ‘no‘ commands are executed:

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#show context
 crypto map test 2 ipsec-isakmp dynamic
  use ip-access-list test2
  peer 1 ikev1 RemoteIKEv1Peer1
  local-endpoint-ip 157.235.204.62
  pfs 14
  security-association lifetime seconds 10000
  transform-set RemoteVPN
  remote-type none
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#no use ip-access-list
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#no peer 1
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#no transform-set

The following example shows the IPSec remote VPN client ‘test‘ settings after the ‘no‘ commands are executed:

nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#show context
 crypto map test 2 ipsec-isakmp dynamic
  local-endpoint-ip 157.235.204.62
  pfs 14
  security-association lifetime seconds 10000
  remote-type none
nx9500-6C8809(config-device-B4-C7-99-6C-88-09-cryptomap-test#2)#