Table Of Contents

clear configure flow-export through clear configure zonelabs-integrity Commands

clear configure flow-export

clear configure icmp

clear configure imap4s

clear configure interface

clear configure interface bvi

clear configure ip

clear configure ip audit

clear configure ip local pool

clear configure ipv6 dhcprelay

clear configure ipv6 router

clear configure ip verify reverse-path

clear configure ipv6

clear configure isakmp

clear configure isakmp policy

clear configure ldap attribute-map

clear configure logging

clear configure logging rate-limit

clear configure mac-address-table

clear configure mac-learn

clear configure mac-list

clear configure management-access

clear configure media-termination

clear configure monitor-interface

clear configure mroute

clear configure mtu

clear configure multicast-routing

clear configure nac-policy

clear configure name

clear configure nat

clear configure ntp

clear configure object

clear configure object-group

clear configure object-group-search

clear configure pager

clear configure passwd

clear configure password-policy

clear configure phone-proxy

clear configure pim

clear configure policy-map

clear configure pop3s

clear configure prefix-list

clear configure priority-queue

clear configure privilege

clear configure regex

clear configure route

clear configure route-map

clear configure router

clear configure same-security-traffic

clear configure service-policy

clear configure sla monitor

clear configure smtps

clear configure smtp-server

clear configure snmp-map

clear configure snmp-server

clear configure ssh

clear configure ssl

clear configure static

clear configure sunrpc-server

clear configure sysopt

clear configure tcp-map

clear configure telnet

clear configure terminal

clear configure threat-detection

clear configure timeout

clear configure time-range

clear configure tls-proxy

clear configure tunnel-group

clear configure tunnel-group-map

clear configure uc-ime

clear configure url-block

clear configure url-cache

clear configure url-list

clear configure url-server

clear configure user-identity

clear configure username

clear configure virtual

clear configure vpdn group

clear configure vpdn username

clear configure vpn-load-balancing

clear configure wccp

clear configure xlate

clear configure zonelabs-integrity

clear configure flow-export through clear configure zonelabs-integrity Commands

---

clear configure flow-export

To clear flow-export configurations that are associated with NetFlow data, use the clear configure flow-export command in global configuration mode.

clear configure flow-export [destination]

Syntax Description

destination

Clears only the destination-related flow-export configuration.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
8.1(1)	This command was introduced.
9.1(2)	An error message was added for a specific use case.

Usage Guidelines

The destination keyword clears only the destination-related flow-export configuration; the other flow-export configurations still remain.

In clustering, when you remove the destination flow-export configuration from the master unit, this configuration is also removed from the slave units.

As long as at least one flow-export destination is being referenced in the flow-export event-type command, entering the clear configure flow-export [destination] command fails and none of the flow-export configurations are changed or removed.

The following error message appears in this case:

ERROR: "Some destinations may be in use.  Remove references before attempting to clear 
flow-export configuration"

Examples

The following example show how to clear all flow-export configurations, including destinations:

hostname(config)# clear configure flow-export 

The following example shows how to clear only the destination-related flow-export configuration:

hostname(config)# clear configure flow-export destination

Related Commands

Commands	Description
flow-export destination	Specifies the IP address or hostname of the NetFlow collector, and the UDP port on which the NetFlow collector is listening.
flow-export template timeout-rate	Controls the interval at which the template information is sent to the NetFlow collector.
logging flow-export-syslogs enable	Enables syslog messages after you have entered the logging flow-export-syslogs disable command, and the syslog messages that are associated with NetFlow data.
show flow-export counters	Displays all runtime counters in NetFlow.

clear configure icmp

To clear the configured access rules for ICMP traffic, use the clear configure icmp command in global configuration mode.

clear configure icmp

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure icmp command clears the configured access rules for ICMP traffic.

Examples

The following example clears the clear configured access rules for ICMP traffic:

hostname# clear configure icmp

Related Commands

Commands	Description
clear configure icmp	Clears the ICMP configuration.
debug icmp	Enables the display of debug information for ICMP.
show icmp	Displays ICMP configuration.
timeout icmp	Configures the idle timeout for ICMP.

clear configure imap4s

To remove all IMAP4S commands from the configuration and revert to default values, use the clear configure imap4s command in global configuration mode.

clear configure imap4s

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to remove the IMAP4S configuration:

hostname(config)# clear configure imap4s

hostname(config)# 

Related Commands

Command	Description
show running-configuration imap4s	Displays the running configuration for IMAP4S.
imap4s	Creates or edits an IMAP4S e-mail proxy configuration.

clear configure interface

To clear the interface configuration, use the clear configure interface command in global configuration mode.

clear configure interface [physical_interface[.subinterface] | mapped_name | interface_name]

Syntax Description

interface_name	(Optional) Identifies the interface name set with the nameif command.
mapped_name	(Optional) In multiple context mode, identifies the mapped name if it was assigned using the allocate-interface command.
physical_interface	(Optional) Identifies the interface ID, such as gigabitethernet0/1. See the interface command for accepted values.
subinterface	(Optional) Identifies an integer between 1 and 4294967293 designating a logical subinterface.

Defaults

If you do not specify an interface, the ASA clears all interface configuration.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was changed from clear interface. This command was also modified to include the new interface numbering scheme.

Usage Guidelines

When you clear the interface configuration for main physical interfaces, the ASA uses the default settings.

You cannot use the interface name in the system execution space, because the nameif command is only available within a context. Similarly, if you mapped the interface ID to a mapped name using the allocate-interface command, you can only use the mapped name in a context.

Examples

The following example clears the GigabitEthernet0/1 configuration:

hostname(config)# clear configure interface gigabitethernet0/1

The following example clears the inside interface configuration:

hostname(config)# clear configure interface inside

The following example clears the int1 interface configuration in a context. "int1" is a mapped name:

hostname/contexta(config)# clear configure interface int1

The following example clears all interface configuration:

hostname(config)# clear configure interface

Related Commands

Command	Description
allocate-interface	Assigns interfaces and subinterfaces to a security context.
clear interface	Clears counters for the show interface command.
interface	Configures an interface and enters interface configuration mode.
show interface	Displays the runtime status and statistics of interfaces.

clear configure interface bvi

To clear the bridge virtual interface configuration, use the clear configure interface bvi command in global configuration mode.

clear configure interface bvi bridge_group_number

Syntax Description

bridge_group_number

Specifies the bridge group number as an integer between 1 and 100.

Command Default

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	—	•	•	•	—

Command History

Release	Modification
8.4(1)	We introduced this command.

Examples

The following example clears the interface configuration for bridge group 1:

hostname(config)# clear configure interface bvi 1

Related Commands

Command	Description
bridge-group	Groups transparent firewall interfaces into a bridge group.
interface	Configures an interface.
interface bvi	Creates a bridge virtual interface.
ip address	Sets the management IP address for a bridge group.
show bridge-group	Shows bridge group information, including member interfaces and IP addresses.
show running-config interface bvi	Shows the bridge group interface configuration.

clear configure ip

To clear all IP addresses set by the ip address command, use the clear configure ip command in global configuration mode.

clear configure ip

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

In transparent firewall mode, this command clears the management IP address and the management 0/0 IP address, if configured.

If you want to stop all current connections that use the old IP addresses, enter the clear xlate command. Otherwise, the connections time out as usual.

Examples

The following example clears all IP addresses:

hostname(config)# clear configure ip

Related Commands

Command	Description
allocate-interface	Assigns interfaces and subinterfaces to a security context.
clear configure interface	Clears all configuration for an interface.
interface	Configures an interface and enters interface configuration mode.
ip address	Sets the IP address for the interface.
show running-config interface	Displays the interface configuration.

clear configure ip audit

To clear the entire audit policy configuration, use the clear configure ip audit command in global configuration mode.

clear configure ip audit [configuration]

Syntax Description

configuration

(Optional) You can enter this keyword, but the effect is the same without it.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from clear ip audit.

Examples

The following example clears all ip audit commands:

hostname# clear configure ip audit

Related Commands

Command	Description
ip audit attack	Sets the default actions for packets that match an attack signature.
ip audit info	Sets the default actions for packets that match an informational signature.
ip audit interface	Assigns an audit policy to an interface.
ip audit name	Creates a named audit policy that identifies the actions to take when a packet matches an attack signature or an informational signature.
ip audit signature	Disables a signature.

clear configure ip local pool

To remove IP address pools, use the clear configure ip local pool command in global configuration mode.

clear ip local pool [poolname]

Syntax Description

poolname

(Optional) Specifies the name of the IP address pool.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example removes all IP address pools from the running configuration:

hostname(config)# clear config ip local pool

hostname(config)# 

Related Commands

Command	Description
clear configure ip local pool	Removes all ip local pools.
ip local pool	Configures an IP address pool.

clear configure ipv6 dhcprelay

To clear the IPv6 DHCP relay configuration, use the clear configure ipv6 dhcprelay command in global configuration mode.

clear configure ipv6 dhcprelay

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
9.0(1)	This command was introduced.

Usage Guidelines

The clear configure ipv6 dhcprelay command clears the IPv6 DHCP relay configuration.

Examples

The following example clears the IPv6 DHCP relay configuration:

hostname# clear configure ipv6 dhcprelay

Related Commands

Commands	Description
clear ipv6 dhcprelay binding	Clears IPv6 DHCP relay binding entries.
debug ipv6 dhcprelay	Enables the display of debugging information for IPv6 DHCP relay.
show ipv6 dhcprelay binding	Shows IPv6 DHCP relay binding entries.

clear configure ipv6 router

To clear OSPFv3 routing processes, use the clear configure ipv6 router command in privileged EXEC mode.

clear configure ipv6 router ospf

Syntax Description

ospf	Clears the OSPFv3 routing processes.

Defaults

By default, this command clears all OSPFv3 routing parameters.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	•	—

Command History

Release	Modification
9.0(1)	This command was introduced.

Usage Guidelines

Use the clear configure ipv6 router command to clear OSPFv3 processes.

Examples

The following example clears the OSPFv3 processes:

hostname# clear configure ipv6 router

Related Commands

Command	Description
clear ipv6 ospf	Deletes all IPv6 settings in the OSPFv3 routing process.
debug ospfv3	Provides debugging information for troubleshooting OSPFv3 routing processes.

clear configure ip verify reverse-path

To clear the ip verify reverse-path configuration, use the clear configure ip verify reverse-path command in global configuration mode.

clear configure ip verify reverse-path

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from clear ip verify reverse-path.

Examples

The following example clears the ip verify reverse-path configuration for all interfaces:

hostname(config)# clear configure ip verify reverse-path

Related Commands

Command	Description
clear ip verify statistics	Clears the unicast RPF statistics.
ip verify reverse-path	Enables the unicast RPF feature to prevent IP spoofing.
show ip verify statistics	Shows the unicast RPF statistics.
show running-config ip verify reverse-path	Shows the ip verify reverse-path configuration.

clear configure ipv6

To clear the global IPv6 commands from the running configuration, use the clear configure ipv6 command in global configuration mode.

clear configure ipv6 [route | access-list]

Syntax Description

access-list	(Optional) Clears the IPv6 access list commands from the running configuration.
route	(Optional) Clears the commands that statically define routes in the IPv6 routing table from the running configuration.

Defaults

Without keywords, this command clears all IPv6 commands from the running configuration.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

This command only clears the global IPv6 commands from the running configuration; it does not clear the IPv6 commands entered in interface configuration mode.

Examples

The following example shows how to clear statically defined IPv6 routes from the IPv6 routing table:

hostname(config)# clear configure ipv6 route

hostname(config)#

Related Commands

Command	Description
ipv6 route	Defines a static route in the IPv6 routing table.
show ipv6 route	Displays the contents of the IPv6 routing table.
show running-config ipv6	Displays the IPv6 commands in the running configuration.

clear configure isakmp

To remove all of the ISAKMP configuration, use the clear configure isakmp command in global configuration mode.

clear configure isakmp

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	The clear configure isakmp command was introduced.
7.2(1)	This command was deprecated. The clear configure crypto isakmp command replaced it.
9.0(1)	Support for multiple context mode was added.

Examples

The following example issued in global configuration mode, removes all of the ISAKMP configuration from the ASA:

hostname(config)# clear configure isakmp

hostname(config)# 

Related Commands

Command	Description
clear configure isakmp policy	Clears all ISAKMP policy configuration.
isakmp enable	Enables ISAKMP negotiation on the interface on which the IPsec peer communicates with the ASA.
show isakmp stats	Displays runtime statistics.
show isakmp sa	Displays IKE runtime SA database with additional information.
show running-config isakmp	Displays the active configuration.

clear configure isakmp policy

To remove all of the ISAKMP policy configuration, use the clear configure isakmp policy command in global configuration mode.

clear configure isakmp policy priority

Syntax Description

priority

Specifies the priority of the ISAKMP priority to be cleared.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	The clear configure isakmp policy command was introduced.
7.2(1)	This command was deprecated. The clear configure crypto isakmp policy command replaced it.

Examples

The following example removes the ISAKMP policy with priority 3 from the configuration:

hostname(config)# clear configure isakmp policy 3

hostname(config)# 

Related Commands

Command	Description
isakmp enable	Enables ISAKMP negotiation on the interface on which the IPsec peer communicates with the ASA.
show isakmp stats	Displays runtime statistics.
show isakmp sa	Displays IKE runtime SA database with additional information.
show running-config isakmp	Displays the active configuration.

clear configure ldap attribute-map

To remove all the LDAP attribute maps from the running configuration of the ASA, use the clear configure ldap attribute-map command in global configuration mode.

clear configure ldap attribute-map

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.1(1)	This command was introduced.

Usage Guidelines

Use this command to remove the LDAP attribute maps from the running configuration of the ASA.

Examples

The following example, entered in global configuration mode, removes all LDAP attributes map from the running configuration and then confirms the removal by using the show running-config ldap attribute-map command:

hostname(config)# clear configuration ldap attribute-map

hostname(config)# show running-config ldap attribute-map

hostname(config)#

Related Commands

Command	Description
ldap attribute-map (global config mode)	Creates and names an LDAP attribute map for mapping user-defined attribute names to Cisco LDAP attribute names.
ldap-attribute-map (aaa-server host mode)	Binds an LDAP attribute map to an LDAP server.
map-name	Maps a user-defined LDAP attribute name with a Cisco LDAP attribute name.
map-value	Maps a user-defined attribute value to a Cisco attribute.
show running-config ldap attribute-map	Displays a specific running LDAP attribute map or all running attribute maps.

clear configure logging

To clear logging configuration, use the clear configure logging command in global configuration mode.

clear configure logging [disabled | level]

Syntax Description

disabled	(Optional) Indicates that all disabled syslog messages should be re-enabled. When you use this option, no other logging configuration is cleared.
level	(Optional) Indicates that the severity level assignments for syslog messages should be reset to their default values. When you use this option, no other logging configuration is cleared.

Defaults

With no keywords specified, this command returns all configuration settings to their default values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

You can use the show running-config logging command to view all logging configuration settings. If you use the clear configure logging command without either the disabled or level keyword, all logging configuration settings are cleared and returned to their default values.

Examples

The following example shows how to clear logging configuration settings. The output of the show logging command indicates that all logging features have been disabled.

hostname(config)# clear configure logging

hostname(config)# show logging

Syslog logging: disabled

    Facility: 20

    Timestamp logging: disabled

    Standby logging: disabled

    Deny Conn when Queue Full: disabled

    Console logging: disabled

    Monitor logging: disabled

    Buffer logging: disabled

    Trap logging: disabled

    History logging: disabled

    Device ID: disabled

    Mail logging: disabled

    ASDM logging: disabled

Related Commands

Command	Description
show logging	Displays the enabled logging options.
show running-config logging	Displays the logging-related portion of the running configuration.

clear configure logging rate-limit

To reset the logging rate limit, use the clear configure logging rate-limit command in global configuration mode.

clear configure logging rate-limit

Syntax DescriptionThis command has no arguments or keywords.

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(4)	This command was introduced.

Examples

The following example shows how to reset the logging rate limit:

hostname(config)# clear configure logging rate-limit

After the information is cleared, nothing more displays until the hosts reestablish their connections.

Related Commands

Command	Description
logging rate limit	Limits the rate at which syslog messages are generated.
show running config logging rate-limit	Shows the current logging rate limit setting.

clear configure mac-address-table

To clear the mac-address-table static and mac-address-table aging-time configuration, use the clear configure mac-address-table command in global configuration mode.

clear configure mac-address-table

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	—	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example clears the mac-address-table static and mac-address-table aging-time configuration:

hostname# clear configure mac-address-table

Related Commands

Command	Description
firewall transparent	Sets the firewall mode to transparent.
mac-address-table aging-time	Sets the timeout for dynamic MAC address entries.
mac-address-table static	Adds static MAC address entries to the MAC address table.
mac-learn	Disables MAC address learning for an interface.
show mac-address-table	Shows the MAC address table, including dynamic and static entries.

clear configure mac-learn

To clear the mac-learn configuration, use the clear configure mac-learn command in global configuration mode.

clear configure mac-learn

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	—	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example clears the mac-learn configuration:

hostname# clear configure mac-learn

Related Commands

Command	Description
firewall transparent	Sets the firewall mode to transparent.
mac-address-table static	Adds static MAC address entries to the MAC address table.
mac-learn	Disables MAC address learning for an interface.
show mac-address-table	Shows the MAC address table, including dynamic and static entries.

clear configure mac-list

To remove the indicated list of MAC addresses, previously specified in the mac-list command, use the clear configure mac-list command in global configuration mode:

clear configure mac-list id

Syntax Description

id	A MAC address list name.

Defaults

No default behaviors or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	—	—	•

Command History

Release	Modification
7.0(1)	This command was modified to conform to CLI standards.

Usage Guidelines

To remove a list of MAC addresses, use the clear mac-list command.

Examples

The following example shows how to clear a MAC address list:

hostname(config)# clear configure mac-list firstmaclist

Related Commands

Command	Description
mac-list	Adds a list of MAC addresses using a first-match search.
show running-config mac-list	Displays the MAC addresses in the MAC address list indicated by the id value.

clear configure management-access

To remove the configuration of an internal interface for management access of the ASA, use the clear configure management-access command in global configuration mode.

clear configure management-access

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	The keyword configure was added.
9.0(1)	Support for multiple context mode was added.

Usage Guidelines

The management-access command lets you define an internal management interface using the IP address of the firewall interface specified in the mgmt_if argument. (The interface names are defined by the nameif command and displayed in quotes, " ", in the output of the show interface command.) The clear configure management-access command removes the configuration of the internal management interface specified with the management-access command.

Examples

The following example removes the configuration of an internal interface for management access of the ASA:

hostname(config)# clear configure management-access 

Related Commands

Command	Description
management-access	Configures an internal interface for management access.
show running-config management-access	Displays the name of the internal interface configured for management access.

clear configure media-termination

To clear the configured media-termination instances from a phone proxy, use the clear configure media-termination command in privileged EXEC mode.

clear configure media-termination

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Privileged EXEC	•	—	•	—	—

Command History

Release	Modification
8.2(1)	This command was introduced.

Examples

The following example clears the configured media-termination instances from a phone proxy:

hostname# clear configure media-termination

Related Commands

Command	Description
media-termination address	Configures the media-termination address for a phone proxy instance.

clear configure monitor-interface

To remove all monitor-interface commands from the running configuration and restore the default interface health monitoring, use the clear configure monitor-interface command in global configuration mode.

clear configure monitor-interface

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

By default, physical interfaces are monitored for failover. Using the clear monitor-interface command clears the no monitor-interface commands from the running configuration and restores default interface health monitoring. To view the monitor-interface commands in the running configuration, use the show running-config all monitor-interface command.

Examples

The following example clears the monitor-interface commands from the running configuration:

hostname(config)# clear configure monitor-interface

hostname(config)#

Related Commands

Command	Description
monitor-interface	Enables health monitoring of a designated interface for failover purposes.
show running-config monitor-interface	Displays the monitor-interface commands in the running configuration.

clear configure mroute

To remove the mroute commands from the running configuration, use the clear configure mroute command in global configuration mode.

clear configure mroute

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to remove the mroute commands from the configuration:

hostname(config)# clear configure mroute

hostname(config)#

Related Commands

Command	Description
mroute	Configures a static multicast route.
show mroute	Displays IPv4 multicast routing table.
show running-config mroute	Displays the mroute commands in the running configuration.

clear configure mtu

To clear the configured maximum transmission unit values on all interfaces, use the clear configure mtu command in global configuration mode.

clear configure mtu

Syntax Description

This command has no arguments or keywords.

Defaults

Using the clear configure mtu command sets the maximum transmission unit to the default of 1500 for all Ethernet interfaces.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	—	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example clears the current maximum transmission unit values on all interfaces:

hostname(config)# clear configure mtu

Related Commands

Command	Description
mtu	Specifies the maximum transmission unit for an interface.
show running-config mtu	Displays the current maximum transmission unit block size.

clear configure multicast-routing

To remove the multicast-routing command from the running configuration, use the clear configure multicast-routing command in global configuration mode.

clear configure multicast-routing

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure multicast-routing command removes the multicast routing from the running configuration.

Examples

The following example shows how to remove the multicast-routing command from the running configuration:

hostname(config)# clear configure multicast-routing

Related Commands

Command	Description
multicast-routing	Enables multicast routing on the ASA.

clear configure nac-policy

To remove all NAC policies from the running configuration, except for those that are assigned to group policies, use the clear configure nac-policy command in global configuration mode.

clear configure nac-policy

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	—	—	•

Command History

Release	Modification
8.0(2)	This command was introduced.

Usage Guidelines

Use this command only if you want to remove all NAC policies. Use the no form of the nac-policy command to remove a single NAC policy from the configuration.

Examples

The following example shows how to remove all NAC policies:

hostname(config)# clear config nac-policy

Related Commands

Command	Description
nac-policy	Creates and accesses a Cisco NAC policy, and specifies its type.
show nac-policy	Displays NAC policy usage statistics on the ASA.
show running-config nac-policy	Displays the configuration of each NAC policy on the ASA.
show vpn-session_summary.db	Displays the number of IPsec, WebVPN, and NAC sessions.
show vpn-session.db	Displays information about VPN sessions, including NAC results.

clear configure name

To clear the list of names from the configuration, use the clear configure name command in global configuration mode.

clear configure name

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	The configure keyword was added.

Usage Guidelines

Use this command to clear the list of names in a configuration.

Examples

The following example shows how to clear the list of names in a configuration:

hostname(config)# clear configure name

Related Commands

Command	Description
name	Associates a name with an IP address.
show running-config name	Displays the list of names associated with IP addresses.

clear configure nat

To remove the NAT configuration, use the clear configure nat command in global configuration mode.

clear configure nat

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	Added the keyword configure.
8.0(2)	We introduced support for NAT in transparent mode.
8.3(1)	The NAT configuration was migrated to a new set of commands. This command clears the new NAT configuration.

Usage Guidelines

This command clears both network object NAT nat commands and twice NAT nat commands.

Examples

The following example shows how to remove the NAT configuration:

hostname(config)# show running-config nat

nat (any,any) source static any any

!

object network test

 nat (any,any) static 10.2.2.2

hostname(config)# clear configure nat

hostname(config)# show running-config nat

hostname(config)# 

Related Commands

Command	Description
nat (object network)	Configures network object NAT.
nat (global)	Configures twice NAT.
show running-config nat	Displays the NAT configuration.

clear configure ntp

To clear the NTP configuration, use the clear configure ntp command in global configuration mode.

clear configure ntp

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	—	•

Command History

Release	Modification
7.0(1)	This command was changed from clear ntp.

Examples

The following example clears all ntp commands:

hostname# clear configure ntp

Related Commands

Command	Description
ntp authenticate	Enables NTP authentication.
ntp authentication-key	Sets the NTP authentication key.
ntp server	Identifies an NTP server to set the time on the ASA.
ntp trusted-key	Specifies the NTP trusted key.
show running-config ntp	Shows the NTP configuration.

clear configure object

To clear all unused network objects and service objects from the configuration, including any NAT objects within these objects, use the clear configure object command in global configuration mode.

clear configure object

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
8.3(1)	This command was introduced.

Examples

The following example shows how to remove all network objects and service objects from the configuration:

hostname(config)# clear configure object

Related Commands

Command	Description
object-network	Defines a named network object that is reflected in all configurations in which the object is used.
object-service	Defines a service object that is reflected in all configurations in which the object is used.
show running-config object	Displays the objects in the configuration.

clear configure object-group

To remove all the object group commands from the configuration, use the clear configure object-group command in global configuration mode.

clear configure object-group [protocol | service | icmp-type | network | security-group]

Syntax Description

icmp-type	(Optional) Clears all ICMP groups.
network	(Optional) Clears all network groups.
protocol	(Optional) Clears all protocol groups.
security-group	(Optional) Clears all security groups.
service	(Optional) Clears all service groups.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.
9.0(1)	The security-group keyword was added.

Examples

The following example shows how to remove all the object-group commands from the configuration:

hostname(config)# clear configure object-group

Related Commands

Command	Description
group-object	Adds network object groups.
network-object	Adds a network object to a network object group.
object-group	Defines object groups to optimize your configuration.
port-object	Adds a port object to a service object group.
show running-config object-group	Displays the current object groups.

clear configure object-group-search

To clear the object-group-search configuration, use the clear config object-group-search command in global configuration mode.

clear config object-group-search

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
8.3(1)	This command was introduced.

Examples

The following example shows how to clear the object-group-search configuration:

hostname# clear config object-group-search

Related Commands

Command	Description
show object-group	Shows the hit count if the object group is of the network object-group type.
show running-config object-group	Displays the current object groups.
show running-config object-group-search	Shows the object-group-search configuration in the running configuration.

clear configure pager

To remove the number of lines set to display in a Telnet session before the "---More---" prompt appears from the running configuration, use the clear configure pager command in global configuration mode.

clear configure pager

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
4.0(1)	This command was introduced.

Examples

The following example shows how to remove the number of lines set to display in a Telnet session before the "---More---" prompt appears from the running configuration:

hostname(config)# clear configure pager

hostname(config)#

Related Commands

Command	Description
show pager	Displays the default number of lines set to display in a Telnet session before the "---More---" prompt appears.
show running-config pager	Displays the number of lines set to display in a Telnet session before the "---More---" prompt appears in the running configuration.
terminal pager	Sets the number of lines to display in a Telnet session before the "---More---" prompt appears. This command is not saved to the running configuration.

clear configure passwd

To clear the login password configuration and reset the remote password, use the clear configure passwd command in global configuration mode.

clear configure {passwd | password}

Syntax Description

passwd | password

You can enter either command; they are aliased to each other.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was changed from clear passwd.
9.1(2)	Resets the remote password and removes the default password "cisco."

Examples

The following example resets the remote password and removes the default password "cisco":

hostname(config)# clear configure passwd

Related Commands

Command	Description
enable	Enters privileged EXEC mode.
enable password	Sets the enable password.
passwd	Sets the login password.
show curpriv	Shows the currently logged in username and the user privilege level.
show running-config passwd	Shows the login password in encrypted form.

clear configure password-policy

To reset password policy for the current context to the default value, use the clear configure password-policy command in global configuration mode.

clear configure password-policy

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
9.1(2)	This command was introduced.

Examples

The following example clears the password policy and restores it to the default value:

hostname(config)# clear configure password-policy

Related Commands

Command	Description
show run password-policy	Shows the password policy for the current context.
password-policy authenticate-enable	Determines whether users are allowed to modify their own user account without authenticating.

clear configure phone-proxy

To clear the Phone Proxy configuration, use the clear configure phone-proxy command in global configuration mode.

clear configure phone-proxy [phone_proxy_name]

Syntax Description 

phone_proxy_name

Specifies the name of the Phone Proxy instance.

Command Default

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History 

Release	Modification
8.0(4)	The command was introduced.

Examples

The following example clears the Phone Proxy configuration:

hostname# clear configure phone-proxy asa_phone_proxy

Related Commands 

Command	Description
phone-proxy	Configures the Phone Proxy instance.

clear configure pim

To clear all of the global pim commands from the running configuration, use the clear configure pim command in global configuration mode.

clear configure pim

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure pim command clears all of the pim commands from the running configuration. To clear PIM traffic counters and topology information, use the clear pim counters and the clear pim topology commands.

The clear configure pim command only clears the pim commands entered in global configuration mode; it does not clear the interface-specific pim commands.

Examples

The following example shows how to clear all pim commands from the running configuration:

hostname(config)# clear configure pim

Related Commands

Command	Description
clear pim topology	Clears the PIM topology table.
clear pim counters	Clears the PIM traffic counters.
show running-config pim	Displays the pim commands in the running configuration.

clear configure policy-map

To remove the all policy-map commands, use the clear configure policy-map command in global configuration mode.

clear configure policy-map [type inspect [protocol]}

Syntax Description

protocol	(Optional) Specifies the type of inspection policy map that you want to clear. Available types include: •dcerpc •dns •esmtp •ftp •gtp •h323 •http •im •mgcp •netbios •p2p •radius-accounting •sip •skinny •snmp
type inspect	(Optional) Clears inspection policy maps.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

To clear the policy map for a specific policy map name, use the no form of the policy-map command.

Examples

The following example shows the clear configure policy-map command:

hostname(config)# clear configure policy-map

Related Commands

Command	Description
policy-map	Configures a policy; that is, an association of a traffic class and one or more actions.
show running-config policy-map	Displays the entire policy configuration.

clear configure pop3s

To remove all POP3S commands from the configuration, reverting to default values, use the clear configure pop3s command in global configuration mode.

clear configure pop3s

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to remove the POP3S configuration:

hostname(config)# clear configure pop3s

hostname(config)# 

Related Commands

Command	Description
show running-configuration pop3s	Displays the running configuration for POP3S.
pop3s	Creates or edits a POP3S e-mail proxy configuration.

clear configure prefix-list

To remove the prefix-list commands from the running configuration, use the clear configure prefix-list command in global configuration mode.

clear configure prefix-list [prefix_list_name]

Syntax Description

prefix_list_name

(Optional) The name of a prefix list. When a prefix list name is specified, only the commands for that prefix list are removed from the configuration.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from clear prefix-list to clear configure prefix-list.
9.0(1)	Multiple context mode is supported.

Usage Guidelines

The clear configure prefix-list command removes the prefix-list commands and the prefix-list description commands from the running configuration. If a prefix list name is specified, then the prefix-list command and prefix-list description command, if present, for that prefix list only are removed from the running configuration.

This command does not remove the no prefix-list sequence command from the running configuration.

Examples

The following example removes all prefix-list commands from the running configuration for a prefix list named MyPrefixList:

hostname# clear configure prefix-list MyPrefixList

Related Commands

Command	Description
show running-config prefix-list	Displays the prefix-list commands in the running configuration.

clear configure priority-queue

To remove the priority queue specification from the configuration, use the clear configure priority-queue command in global configuration mode.

clear configure priority queue interface-name

Syntax Description

interface-name

Specifies the name of the interface for which you want to show the priority queue details

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

This example removes the priority-queue configuration on the interface named test:

hostname(config)# clear configure priority-queue test

Related Commands

Command	Description
priority-queue	Configures priority queueing on an interface.
show running-config priority-queue	Displays the current priority-queue configuration for the named interface.

clear configure privilege

To remove the configured privilege levels for commands, use the clear configure privilege command in global configuration mode.

clear configure privilege

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was modified to conform to CLI guidelines.

Usage Guidelines

There is no undo.

Examples

This example shows how to reset the configured privilege levels for the commands:

hostname(config)# clear configure privilege

Related Commands

Command	Description
privilege	Configures the command privilege levels.
show curpriv	Displays current privilege level
show running-config privilege	Displays privilege levels for commands.

clear configure regex

To remove all regular expressions, use the clear configure regex command in global configuration mode.

clear configure regex

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

To clear the regular expression for a specific regular expression name, use the no form of the regex command.

Examples

The following example shows how to clear all configured regular expressions:

hostname(config)# clear configure regex

Related Commands

Command	Description
class-map type regex	Creates a regular expression class map.
regex	Creates a regular expression.
show running-config regex	Shows all regular expressions.
test regex	Tests a regular expression.

clear configure route

To remove the route commands from the configuration that do not contain the connect keyword, use the clear configure route command in global configuration mode.

clear configure route [interface_name ip_address [netmask gateway_ip]]

Syntax Description

gateway_ip	(Optional) Specifies the IP address of the gateway router (the next hop address for this route).
interface_name	(Optional) Internal or external network interface name.
ip_address	(Optional) Internal or external network IP address.
netmask	(Optional) Specifies a network mask to apply to the ip_address.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	Added keyword configure.

Usage Guidelines

Use 0.0.0.0 to specify a default route. You can abbreviate the 0.0.0.0 IP address as 0 and the 0.0.0.0 netmask as 0.

Examples

The following example shows how to remove the route commands from the configuration that do not contain the connect keyword:

hostname(config)# clear configure route

Related Commands

Command	Description
route	Specifies a static or default route for the an interface.
show route	Displays route information.
show running-config route	Displays configured routes.

clear configure route-map

To remove all of the route maps, use the clear configure route-map command in global configuration mode.

clear configure route-map

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

Use the clear configure route-map command in global configuration mode to remove all the route-map commands in the configuration. The route-map command is used to configure conditions of redistributing the routes from one routing protocol into another routing protocol.

To remove the individual route-map commands, use the no route-map command.

Examples

The following example shows how to remove the conditions of redistributing routes from one routing protocol into another routing protocol:

hostname(config)# clear configure route-map

Related Commands

Command	Description
route-map	Defines the conditions for redistributing routes from one routing protocol into another.
show running-config route-map	Displays information about the route map configuration.

clear configure router

To clear the router configuration commands from the running configuration, use the clear configure router command in global configuration mode.

clear configure router [ospf [id] | rip | eigrp [as-number]]

Syntax Description

as-number	(Optional) Clears the configuration commands for the specified EIGRP autonomous system number, also known as the process ID. If not specified, the configuration commands for all EIGRP routing processes are cleared. The range of values is 1 through 65535. Because only one EIGRP routing process is supported on the ASA, including the optional as-number argument has the same effect as omitting it.
eigrp	(Optional) Specifies that only EIGRP router configuration commands are removed from the configuration. EIGRP interface configuration mode commands are not removed.
id	(Optional) Clears the configuration commands for the specified OSPF process ID. If not specified, the configuration commands for all OSPF processes are removed.
ospf	(Optional) Specifies that only OSPF configuration commands are removed from the configuration.
rip	Specifies that only RIP configuration commands are removed from the configuration.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from the clear router command to the clear configure router command.
7.2(1)	The rip keyword was added to the command.
8.0(2)	The eigrp keyword was added to the command.
9.0(1)	Multiple context mode is supported.

Examples

The following example clears all OSPF commands associated with OSPF process 1 from the running configuration:

hostname(config)# clear configure router ospf 1

The following example clears all global configuration mode commands associated with RIP routing process from the running configuration. It does not clear RIP commands entered in interface configuration mode.

hostname(config)# clear configure router rip

Related Commands

Command	Description
show running-config router	Displays the commands in the global router configuration.
router eigrp	Enables an EIGRP routing process and enters router configuration mode for that process.
router ospf	Enables an OSPF routing process and enters router configuration mode for that process.
router rip	Enables a RIP routing process and enters router configuration mode for that process.

clear configure same-security-traffic

To clear the same-security-traffic configuration, use the clear configure same-security-traffic command in global configuration mode.

clear configure same-security-traffic

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example clears the configuration when the same-security-traffic command is issued:

hostname(config)# clear configure same-security-traffic

Related Commands

Command	Description
same-security-traffic	Permits communication between interfaces with equal security levels.
show running-config same-security-traffic	Displays the configuration when the same-security-traffic command is issued.

clear configure service-policy

To clear the service policy configuration, use the clear configure service-policy command in global configuration mode.

clear configure service-policy

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following is an example of the clear configure service-policy command:

hostname(config)# clear configure service-policy

Related Commands

Command	Description
show service-policy	Displays the service policy.
show running-config service-policy	Displays the service policies configured in the running configuration.
service-policy	Configures the service policy.
clear service-policy	Clears service policy statistics.

clear configure sla monitor

To remove the sla monitor commands from the running configuration, use the clear configure sla monitor command in global configuration mode.

clear configure sla monitor [sla-id]

Syntax Description

sla-id

(Optional) The ID of the SLA operation. Valid values are from 1 to 2147483647.

Defaults

If the sla-id argument is not specified, all SLA operation configurations are cleared.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.2(1)	This command was introduced.

Usage Guidelines

This command clears the sla monitor command, associated SLA monitor configuration mode commands, and the associated sla monitor schedule command, if present. It does not remove the track rtr commands from the configuration.

To view the sla monitor commands in the running configuration, use the show running-config sla monitor command.

Examples

The following example clears all sla monitor commands from the configuration:

hostname(config)# clear configure sla monitor

The following example clears the sla monitor commands associated with the SLA operation ID 5:

hostname(config)# clear configure sla monitor 5

Related Commands

Command	Description
show running-config sla monitor	Displays the sla monitor commands in the running configuration.

clear configure smtps

To remove all SMTPS commands from the configuration and revert to default values, use the clear configure smtps command in global configuration mode.

clear configure smtps

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to remove the SMTPS configuration:

hostname(config)# clear configure smtps

Related Commands

Command	Description
show running-configuration smtps	Displays the running configuration for SMTPS.
smtps	Creates or edits an SMTPS e-mail proxy configuration.

clear configure smtp-server

To clear all of the SMTP server commands and statistics, use the clear configure smtp-server command in global configuration mode.

clear configure smtp-server

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.1(1)	This command was introduced.
9.0(1)	Support for multiple context mode was added.

Usage Guidelines

The clear configure smtp-server command clears all of the smtp commands and statistical information.

Examples

The following example shows how to clear all smtp-server commands:

hostname(config)# clear configure smtp-server

Related Commands

Command	Description
show running-config smtp-server	Displays the current SMTP server configuration.

clear configure snmp-map

To clear the SNMP map configuration, use the clear configure snmp-map command in global configuration mode.

clear configure snmp-map

Syntax DescriptionThis command has no arguments or keywords.

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure snmp-map command removes the SNMP map configuration.

Examples

The following example clears the SNMP map configuration:

hostname# clear configure snmp-map

Related Commands

Commands	Description
class-map	Defines the traffic class to which to apply security actions.
deny version	Disallows traffic using a specific version of SNMP.
inspect snmp	Enable SNMP application inspection.
snmp-map	Defines an SNMP map and enables SNMP map configuration mode.

clear configure snmp-server

To disable the SNMP server and remove all SNMP configurations, use the clear configure snmp-server command in global configuration mode.

clear configure snmp-server [group | host | user]

Syntax Description

group	Removes all SNMP groups.
host	Removes all SNMP hosts.
user	Removes all SNMP users.

Defaults

No default behaviors or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to disable the SNMP server:

hostname# clear configure snmp-server

Related Commands

Command	Description
snmp-server	Provides the ASA event information through SNMP.
show snmp-server statistics	Displays information about the SNMP server configuration.

clear configure ssh

To clear all SSH commands from the running configuration, use the clear configure ssh command in global configuration mode.

clear configure ssh

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from the clear ssh command to the clear configure ssh command.

Usage Guidelines

This command clears all SSH commands from the configuration. To clear specific commands, use the no form of those commands.

Examples

The following example clears all SSH commands from the configuration:

hostname(config)# clear configure ssh

Related Commands

Command	Description
show running-config ssh	Displays the current SSH commands in the running configuration.
ssh	Allows SSH connectivity to the ASA from the specified client or network.
ssh scopy enable	Enables a secure copy server on the ASA.
ssh timeout	Sets the timeout value for idle SSH sessions.
ssh version	Restricts the ASA to using either SSH Version 1 or SSH Version 2.

clear configure ssl

To remove all SSL commands from the configuration and revert to default values, use the clear configure ssl command in global configuration mode.

clear configure ssl

Syntax Description

This command has no arguments or keywords.

Defaults

By default:

•Both the SSL client and SSL server versions are any.

•SSL encryption is 3DES-SHA1, DES-SHA1, RC4-MD5, in that order.

•There is no trustpoint association; the ASA uses the default RSA key-pair certificate.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to use the clear configure ssl command:

hostname(config)# clear configure ssl

Related Commands

Command	Description
show running-config ssl	Displays the current set of configured ssl commands.
ssl client-version	Specifies the SSL/TLS protocol version that the ASA uses when acting as a client.
ssl server-version	Specifies the SSL/TLS protocol version that the ASA uses when acting as a server.
ssl trust-point	Specifies the certificate trustpoint that represents the SSL certificate for an interface.

clear configure static

To remove all the static commands from the configuration, use the clear configure static command in global configuration mode.

clear configure static

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	The keyword configure was added.

Examples

This example shows how to remove all the static commands from the configuration:

hostname(config)# clear configure static

Related Commands

Command	Description
show running-config static	Displays all static commands in the configuration.
static	Configures a persistent one-to-one address translation rule by mapping a local IP address to a global IP address.

clear configure sunrpc-server

To clear the remote processor call services from the ASA, use the clear configure sunrpc-server command in global configuration mode.

clear configure sunrpc-server [active]

Syntax Description

active

(Optional) Identifies the SunRPC services that are currently active on the ASA.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The sunrpc-server command displays the configured router ospf commands.

---

Note If the highest-level IP address on the ASA is a private address, this address is sent in hello packets and database definitions. To prevent this action, set the router-id ip_address argument to a global address.

---

Examples

The following example shows how to clear the SunRPC services from the ASA:

hostname(config)# clear configure sunrpc-server active

Related Commands

Command	Description
sunrpc-server	Creates the SunRPC services table.
show running-config sunrpc-server	Displays the information about the SunRPC configuration.

clear configure sysopt

To clear the configuration for all sysopt commands, use the clear configure sysopt command in global configuration mode.

clear configure sysopt

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was changed from clear sysopt.
9.0(1)	Support for multiple context mode was added.

Examples

The following example clears all sysopt command configuration:

hostname(config)# clear configure sysopt

Related Commands

Command	Description
show running-config sysopt	Shows the sysopt command configuration.
sysopt connection permit-ipsec	Permits any packets that come from an IPsec tunnel without checking any ACLs for interfaces.
sysopt connection tcpmss	Overrides the maximum TCP segment size or ensures that the maximum is not less than a specified size.
sysopt connection timewait	Forces each TCP connection to linger in a shortened TIME_WAIT state after the final normal TCP close-down sequence.
sysopt nodnsalias	Disables alteration of the DNS A record address when you use the alias command.

clear configure tcp-map

To clear the TCP map configuration, use the clear configure tcp-map command in global configuration mode.

clear configure tcp-map

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example shows how to clear the TCP map configuration:

hostname(config)# clear configure tcp-map

Related Commands

Command	Description
tcp-map	Creates a TCP map and accesses tcp-map configuration mode.
show running-config tcp-map	Displays the information about the TCP map configuration.

clear configure telnet

To remove the Telnet connection and idle timeout from the configuration, use the clear configure telnet command in global configuration mode.

clear configure telnet

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	The keyword configure was added.

Examples

This example shows how to remove the Telnet connection and the idle timeout from the ASA configuration:

hostname(config)# clear configure telnet

Related Commands

Command	Description
show running-config telnet	Displays the current list of IP addresses that are authorized to use Telnet connections to the ASA.
telnet	Adds Telnet access to the console and sets the idle timeout.

clear configure terminal

To clear the terminal display width setting, use the clear configure terminal command in global configuration mode.

clear configure terminal

Syntax Description

This command has no arguments or keywords.

Defaults

The default display width is 80 columns.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	The configure keyword was added.

Examples

The following example clears the display width:

hostname# clear configure terminal

Related Commands

Command	Description
terminal	Sets the terminal line parameters.
terminal width	Sets the terminal display width.
show running-config terminal	Displays the current terminal settings.

clear configure threat-detection

To clear the threat detection configuration, use the clear configure threat-detection command in global configuration mode.

clear configure threat-detection

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	—	—

Command History

Release	Modification
8.0(2)	This command was introduced.

Usage Guidelines

This command clears all threat-detection configuration commands.

Examples

The following example clears all threat detection commands:

hostname# clear configure threat-detection

Related Commands

Command	Description
clear threat-detection rate	Clears basic threat detection statistics.
clear threat-detection shun	Releases currently shunned hosts.
show running-config threat-detection	Shows the threat detection configuration.
threat-detection basic-threat	Enables basic threat detection.
threat-detection scanning-threat	Enables scanning threat detection.

clear configure timeout

To restore the default idle time durations in the configuration, use the clear configure timeout command in global configuration mode.

clear configure timeout

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

This example shows how to remove the maximum idle time durations from the configuration:

hostname(config)# clear configure timeout

Related Commands

Command	Description
show running-config timeout	Displays the timeout value of the designated protocol.
timeout	Sets the maximum idle time duration.

clear configure time-range

To clear all configured time ranges, use the clear configure time-range command in global configuration mode.

clear configure time-range

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Examples

The following example clears all configured time ranges:

hostname(config)# clear configure time-range

Related Commands

Command	Description
time-range	Enters time-range configuration mode and defines a time range that you can attach to traffic rules, or an action.

clear configure tls-proxy

To remove all configured TLS proxy instances, use the clear configure tls-proxy command in global configuration mode.

clear configure tls-proxy

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
8.0(2)	This command was introduced.

Examples

The following following example removes all configured TLS proxy instances using the clear configure tls-proxy command:

hostname# clear configure tls-proxy

Related Commands

Command	Description
client	Defines a cipher suite and sets the local dynamic certificate issuer or keypair.
ctl-provider	Defines a CTL provider instance and enters provider configuration mode.
show running-config tls-proxy	Shows running configuration of all or specified TLS proxies.
tls-proxy	Defines a TLS proxy instance and sets the maximum sessions.

clear configure tunnel-group

To remove all or specified tunnel groups from the configuration, use the clear config tunnel-group command in global configuration.

clear config tunnel-group [name]

Syntax Description

name	(Optional) Specifies the name of a tunnel group.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.
9.0(1)	Support for multiple context mode was added.

Examples

The following example entered in global configuration mode, removes the toengineering tunnel group from the configuration:

hostname(config)# clear config tunnel-group toengineering

hostname(config)# 

Related Commands

Command	Description
show running-config tunnel-group	Displays information about all or selected tunnel-groups.
tunnel-group	Enters tunnel-group configuration mode for the specified type.

clear configure tunnel-group-map

To clear the policy and rules by which the tunnel group name is derived from the content of the certificate, use the clear configure tunnel-group-map command in global configuration mode.

clear configure tunnel-group-map

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.
9.0(1)	Support for multiple context mode was added.

Usage Guidelines

The tunnel-group-map commands configure the policy and rules by which certificate-based IKE sessions are mapped to tunnel groups. To associate the certificate map entries created using the crypto ca certificate map command with tunnel groups, use the tunnel-group-map command in global configuration mode. You can invoke this command multiple times as long as each invocation is unique and you do not reference a map index more than once.

The crypto ca certificate map command maintains a prioritized list of certificate mapping rules. There can be only one map. But this map can have up to 65535 rules. See the documentation on the crypto ca certificate map command for more information.

The processing that derives the tunnel group name from the certificate ignores entries in the certificate map that are not associated with a tunnel group (any map rule not identified by this command).

Examples

The following example entered in global configuration mode, specifies a default tunnel group to use when the name cannot be derived by other configured methods:

hostname(config)# clear configure tunnel-group-map

Related Commands

Command	Description
crypto ca certificate map	Enters crypto ca certificate map configuration mode.
subject-name (crypto ca certificate map)	Identifies the DN from the CA certificate that is to be compared to the rule entry string.
tunnel-group-map default-group	Designates an existing tunnel group name as the default tunnel group.
tunnel-group-map enable	Configures the policy and rules by which certificate-based IKE sessions are mapped to tunnel groups.

clear configure uc-ime

To clear the running configuration for the Cisco Intercompany Media Engine proxy on the ASA, use the clear configure uc-ime command in global configuration mode.

clear configure uc-ime [name]

Syntax Description

name	(Optional) Specifies the instance name of the Cisco Intercompany Media Engine proxy configured on the ASA. The name argument is limited to 64 characters. Only one Cisco Intercompany Media Engine proxy can be configured on the ASA.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
8.3(1)	The command was introduced.

Usage Guidelines

This command has no usage guidelines.

Examples

The following example clears the running configuration for the Cisco Intercompany Media Engine proxy:

hostname(config)# clear configure local-ent-ime

Related Commands

Command	Description
clear uc-ime	Clears the statistical counters for the Cisco Intercompany Media Engine proxy.
show running-config uc-ime	Shows the running configuration of the Cisco Intercompany Media Engine proxy.
show uc-ime	Displays statistical or detailed information about fallback notifications, mapping service sessions, and signaling sessions.
uc-ime	Creates the Cisco Intercompany Media Engine proxy instance on the ASA.

clear configure url-block

To clear clears URL pending block buffer and long URL support configuration, use the clear configure url-block command in global configuration mode.

clear configure url-block

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure url-block command clears URL pending block buffer and long URL support configuration.

Examples

The following example clears the URL pending block buffer and long URL support configuration:

hostname# clear configure url-block

Related Commands

Commands	Description
clear url-block block statistics	Clears the block buffer usage counters.
show url-block	Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.
url-block	Manages the URL buffers used for web server responses.
url-cache	Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.
url-server	Identifies an N2H2 or Websense server for use with the filter command.

clear configure url-cache

To clear the URL cache, use the clear configure url-cache command in global configuration mode.

clear configure url-cache

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure url-cache command clears the URL cache.

Examples

The following example clears the URL cache:

hostname# clear configure url-cache

Related Commands

Commands	Description
clear url-cache statistics	Removes url-cache command statements from the configuration.
filter url	Directs traffic to a URL filtering server.
show url-cache statistics	Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.
url-cache	Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.
url-server	Identifies an N2H2 or Websense server for use with the scsc command.

clear configure url-list

To remove a configured set of URLs that WebVPN users can access , use the clear configure url-list command in global configuration mode.

clear configure url-list [listname]

Syntax Description

listname

Groups the set of URLs that WebVPN users can access. The maximum is 64 characters.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

To remove all configured URLs, use this command without the listname argument.

To remove only the URLs for a specific list, use this command with that listname argument.

Examples

The following example shows how to remove the URL list called Marketing URLs.

hostname(config)# clear configure url-list Marketing URLs

Related Commands

Command	Description
show running-configuration url-list	Displays the current set of configured url-list commands.
url-list	Configures the set of URLs that WebVPN users can access.
url-list	Enables WebVPN URL access for a specific group policy or user.

clear configure url-server

To clear the URL filtering server configuration, use the clear configure url-server command in global configuration mode.

clear configure url-server

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
7.0(1)	This command was introduced.

Usage Guidelines

The clear configure url-server command clears the URL filtering server configuration.

Examples

The following example URL filtering server configuration:

hostname# clear configure url-server

Related Commands

Commands	Description
clear url-server	Clears the URL filtering server statistics.
show url-server	Displays information about the URL cache, which is used for buffering URLs while waiting for responses from an N2H2 or Websense filtering server.
url-cache	Enables URL caching while pending responses from an N2H2 or Websense server and sets the size of the cache.
url-block	Manages the URL buffers used for web server responses while waiting for a filtering decision from the filtering server.
url-server	Identifies an N2H2 or Websense server for use with the filter command.

clear configure user-identity

To clear the configuration for the Identity Firewall, use the clear configure user-identity command in global configuration mode.

clear configure user-identity [ad-agent | logout-probe | action | domain]

Syntax Description

action	Removes the configuration for the following Identity Firewall actions configured by the following commands: •user-identity action ad-agent-down •user-identity action domain-controller-down •user-identity action mac-address-mismatch •user-identity action netbios-response-fail
ad-agent	Removes all configuration for the Active Directory Agent configured for the Identity Firewall.
domain	Removes all domains configured for the Identity Firewall. Specifying this keyword only removes the domains that are not referenced by a domain object (for example, in the object-group or access-list commands).
logout-probe	Removes all configuration for the logout probe configured for the Identity Firewall. When NetBIOS probing is enabled for the Identity Firewall, the ASA probes the user client IP address to determine whether the client is still active. By default, NetBIOS probing is disabled.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	•

Command History

Release	Modification
8.4(2)	This command was introduced.

Examples

The following example clears the Active Directory Agent configured for the Identity Firewall:

hostname# clear configure user-identity ad-agent

Related Commands

Commands	Description
user-identity enable	Creates the Cisco Identify Firewall instance.
user-identity logout-probe	Enables NetBIOS probing for the Cisco Identify Firewall instance.

clear configure username

To clear the username database, use the clear configure username command in global configuration mode.

clear configure username [name]

Syntax Description

name	(Optional) Provides the name of the user.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.0(1)	This command was introduced.
9.1(2)	Password policy authentication changes were added.

Usage Guidelines

To clear the configuration for a particular user, use this command and append the username.

The internal user authentication database consists of the users entered with the username command. The login command uses this database for authentication.

When password policy authentication is enabled, this command does not allow users to delete their password. For example:

•Entering the clear config username your_own _username command is not allowed.

•Entering the clear config username command is allowed, but the user account is skipped and not deleted.

Examples

The following example shows how to clear the configuration for the user named anyuser:

hostname(config)# clear configure username anyuser

Related Commands

Command	Description
show running-config username	Displays the running configuration for a particular user or for all users.
username	Adds a user to the ASA database.
username attributes	Lets you configure AVPs for specific users.

clear configure virtual

To remove the authentication virtual server from the configuration, use the clear configure virtual command in global configuration mode.

clear configure virtual

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	—	—	•

Command History

Release	Modification
7.0(1)	This command was modified to conform to CLI guidelines.

Usage Guidelines

There is no undo.

Examples

The following example shows the clear configure virtual command:

hostname(config)# clear configure virtual

Related Commands

Command	Description
show running-config virtual	Displays the IP address for the authentication virtual server.
virtual http	Allows separate authentication with the ASA and with the HTTP server.
virtual telnet	Authenticates users with the virtual Telnet server for traffic types for which the ASA does not supply an authentication prompt.

clear configure vpdn group

To remove all vpdn group commands from the configuration, use the clear configure vpdn group command in global configuration mode.

clear configure vpdn group

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.2(1)	This command was introduced.
9.0(1)	Support for multiple context mode was added.

Usage Guidelines

Entering the clear configure vpdn group command has no affect on active PPPoE connections.

Examples

The following example shows how to clear the VPDN group configuration:

hostname(config)# clear configure vpdn group

Related Commands

Command	Description
clear configure vpdn username	Removes all vpdn username commands from the configuration.
show running-config vpdn username	Shows the current configuration for VPDN usernames.

clear configure vpdn username

To remove all vpdn username commands from the configuration, use the clear configure vpdn username command in global configuration mode.

clear configure vpdn username

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.2(1)	This command was introduced.

Usage Guidelines

Entering the clear configure vpdn username command has no affect on active PPPoE connections.

Examples

The following example shows how to clear the VPDN username configuration:

hostname(config)# clear configure vpdn username

Related Commands

Command	Description
clear configure vpdn group	Removes all vpdn group commands from the configuration.
show running-config vpdn username	Shows the current configuration for VPDN usernames.

clear configure vpn-load-balancing

To remove the previously specified VPN load-balancing configuration, thus disabling VPN load-balancing, use the clear configure vpn load-balancing command in global configuration mode.

clear configure vpn load-balancing

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	•	—

Command History

Release	Modification
7.0(1)	This command was introduced.
9.0(1)	Support for multiple context mode was added.

Usage Guidelines

The clear configure vpn load-balancing command also clears the following related commands: cluster encryption, cluster ip address, cluster key, cluster port, nat, participate, and priority.

Examples

The following example removes VPN load-balancing configuration statements from the configuration:

hostname(config)# clear configure vpn load-balancing

Related Commands

show running-config load-balancing	Displays the current VPN load-balancing configuration.
vpn load-balancing	Enters vpn load-balancing configuration mode.

clear configure wccp

To remove all WCCP configuration, use the clear configure wccp command in global configuration mode.

clear configure wccp

Syntax Description

This command has no arguments or keywords.

Defaults

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
7.2(1)	This command was introduced.

Examples

The following example shows how to clear the WCCP configuration:

hostname(config)# clear configure wccp

Related Commands

Command	Description
show wccp	Displays the WCCP configuration.
wccp redirect	Enables support of WCCP redirection.

clear configure xlate

To clear the xlate per-session rules, use the clear configure xlate command in global configuration mode.

clear configure xlate

Syntax Description

This command has no arguments or keywords.

Command Default

No default behavior or values.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	•	•	•	—

Command History

Release	Modification
9.0(1)	We introduced this command.

Usage Guidelines

This command clears manually-created rules, and keeps the default configuration.

Examples

The following example shows the running configuration plus default rules, and then clears the manually-created rules:

hostname(config)# show running-config all xlate

xlate per-session deny tcp any4 any4

xlate per-session deny tcp any4 any6

xlate per-session deny tcp any6 any4

xlate per-session deny tcp any6 any6

xlate per-session deny udp any4 any4 eq domain

xlate per-session deny udp any4 any6 eq domain

xlate per-session deny udp any6 any4 eq domain

xlate per-session deny udp any6 any6 eq domain

xlate per-session permit tcp any4 any4

xlate per-session permit tcp any4 any6

xlate per-session permit tcp any6 any4

xlate per-session permit tcp any6 any6

xlate per-session permit udp any4 any4 eq domain

xlate per-session permit udp any4 any6 eq domain

xlate per-session permit udp any6 any4 eq domain

xlate per-session permit udp any6 any6 eq domain

hostname(config)# clear configure xlate

hostname(config)# show running-config xlate

hostname(config)# show running-config all xlate

xlate per-session permit tcp any4 any4

xlate per-session permit tcp any4 any6

xlate per-session permit tcp any6 any4

xlate per-session permit tcp any6 any6

xlate per-session permit udp any4 any4 eq domain

xlate per-session permit udp any4 any6 eq domain

xlate per-session permit udp any6 any4 eq domain

xlate per-session permit udp any6 any6 eq domain

hostname(config)#

Related Commands

Command	Description
nat (global)	Adds a twice NAT rule.
nat (object)	Adds an object NAT rule.
show running-config xlate	Shows the xlate per-session rules.
xlate per-session	Adds a per-session PAT rule.

clear configure zonelabs-integrity

To remove all Zone Labs Integrity servers from the running configuration, use the clear configure zonelabs-integrity command in global configuration mode.

clear configure zonelabs-integrity

Syntax Description

This command has no arguments or keywords.

Defaults

Removes all Zone Labs Integrity servers.

Command Modes

The following table shows the modes in which you can enter the command:

Command Mode	Firewall Mode		Security Context
	Routed	Transparent	Single	Multiple
				Context	System
Global configuration	•	—	•	—	—

Command History

Release	Modification
7.2.(1)	This command was introduced.

Usage Guidelines

The clear configure zonelabs-integrity command removes all Zone Labs Integrity servers from the running configuration, including active and standby Integrity servers.

Examples

The following example shows the removal of two configured Zone Labs Integrity servers: 

hostname(config)# show running-config zonelabs-integrity

zonelabs-integrity server-address 10.0.9.1 10.0.9.2

hostname(config)# clear configure zonelabs-integrity

hostname(config)# show running-config zonelabs-integrity

hostname(config)#

Related Commands

Command	Description
show running-config [all] zonelabs-integrity	Displays the configured Zone Labs Integrity servers.