Unable to delete tunnels on a Checkpoint VIA VPN TU?

SK33303 specifies the following:

Symptoms
  • Options 5 and 6 of the 'vpn -vs tu' command fail:

    (5) Delete all IPsec SAs for a given peer
    (6) Delete all IPsec+IKE SAs for a given peer

Working as a Managed Security Services Provider, I come across this issue on a daily basis. Instead of applying a hotfix, you can use a workaround.

To remedy the issue, make your selection followed by a space and then the peer IP.
For example:
5 1.2.3.4

An additional workaround would be to use the VPN Shell command:

vpn shell /show/tunnels/IKE/all
vpn shell /show/tunnels/ipsec/all
vpn shell /show/tunnels/ike/peer/1.1.1.1
vpn shell /show/tunnels/ipsec/peer/1.1.1.1
vpn shell /tunnels/delete/all
vpn shell /tunnels/delete/IKE/all
vpn shell /tunnels/delete/IKE/peer/1.1.1.1
vpn shell /tunnels/delete/IPsec/all
vpn shell /tunnels/delete/IPsec/peer/1.1.1.1
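
The peer-scoped commands from the list above, as an added example that is not part of the original post: a POSIX shell helper that validates the peer address and prints (does not execute) the show and delete commands for that one peer, so a typo cannot turn into one of the `all` variants. The function names, the `ipsec`/`ike`/`both` scope argument and the sample address 192.0.2.10 are assumptions made for illustration; the `vpn shell` paths are copied as the post lists them.

```shell
#!/bin/sh
# Added example, not from the original post: print (never run) the
# peer-scoped vpn shell commands for one validated peer address.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0..255.
# Runs in a subshell so the IFS change does not leak to the caller.
is_ipv4() (
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    IFS=.
    set -- $1
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            0?*|????*) return 1 ;;   # no leading zeros, at most 3 digits
        esac
        [ "$octet" -le 255 ] || return 1
    done
)

# peer_reset_plan ADDR [ipsec|ike|both]
# "ipsec" corresponds to TU option 5, "both" (default) to option 6.
peer_reset_plan() {
    peer=$1
    scope=${2:-both}
    if ! is_ipv4 "$peer"; then
        echo "refusing: '$peer' is not a single IPv4 peer address" >&2
        return 2
    fi
    case "$scope" in
        ipsec|ike|both) ;;
        *) echo "refusing: scope must be ipsec, ike or both" >&2; return 2 ;;
    esac
    # Show the peer's current SAs first so the target can be confirmed.
    echo "vpn shell /show/tunnels/ike/peer/$peer"
    echo "vpn shell /show/tunnels/ipsec/peer/$peer"
    if [ "$scope" != ike ]; then
        echo "vpn shell /tunnels/delete/IPsec/peer/$peer"
    fi
    if [ "$scope" != ipsec ]; then
        echo "vpn shell /tunnels/delete/IKE/peer/$peer"
    fi
}

# Constructed sample peer (documentation address range).
peer_reset_plan 192.0.2.10 ipsec
```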
