Working through SNRS Greg Bastien.
I cannot work out what the Security lifetime is used for in Global config mode. I configured the lifetime parameters for both the IKE phase 1 and IPSEC 'crypto map' but then when I did :
'show crypto ipsec security-association'
found that the lifetime was set to 3600 seconds. I'm confused.