In today’s article I am going to inform you about the Cisco iOS EXEC privileged mode command called “clear crypto gdoi”. Network administrators (such as you) use this command to clear the state of the current session of the interpretation domain group (GDOI) member with the key server.
The following is the syntax of the command:
clear crypto gdoi [group group-name | ks coop counters | ks policy | replay counter]
group group-name – This (optional) combination of keywords and arguments is used to give a group name.
Cop Cop Counters – This (optional) keyword is used to clean the counters on the co-op key server.
policy ks – This (optional) keyword is used to clear all policies that are on the key server. Remember that when you use this keyword, it does not activate (trigger) the re-selection of key servers.
play counter – This (optional) keyword is used to clear anti-repeat counters.
note: If you execute this command for a group member, its policy (status) will be deleted (cleared); and he will need to re-register on the key server.
And, if you execute this command on the key server, its “state” will be deleted (cleared). Also, if a backup between servers is required and this command is executed on one of them, this will cause this server to return to election mode to select a new primary server.
By the way, if you decide to use the command, make sure your router (s) are running Cisco iOS 12.4 (11) T or higher.
I hope this article was very informative and helped you quickly understand using the clear crypto gdoi command. If you need to know more; I suggest you visit my website where you will find the latest information on Cisco CCNA Security Exam Methods (640-553).
Good luck to you,