- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
Two possibilities are offered in the "VPN service" to kill an IPSEC tunnel: "Terminate Tunnel" and "Hard Kill Tunnel".
When should either of the options be used?
This method kills Phase2 of the IPSEC tunnel. Phase 2 can be reinitialised immediately as the tunnel partners exchange information with each other.
Hard Kill Tunnel:
This method kills Phase 1 of the IPSEC tunnel. As there is no exchange between the tunnel partners Phase 1 can only be re-established if the partner kills his own Phase 1.