Crypto lifetime question

Unanswered Question
Apr 16th, 2008
User Badges:

Hi, I have a few VPN's connected to my Cisco Concentrator and ASA. The thing is I have never set the life time on the tunnel on the regional sites configs (877's, 1841's), althought on the ASA and Concentrator I have.

What problem's would this create and should I set this?

e.g. Set security-association lifetime seconds 28800

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smahbub Tue, 04/22/2008 - 06:16
User Badges:
  • Silver, 250 points or more

To override the global lifetime value for a particular crypto map entry, which is used when negotiating IP Security security associations,the "set security-association lifetime" command is used in crypto map configuration mode.

Command Syntax:

set security-association lifetime {seconds seconds | kilobytes kilobytes}

For more details about this lifetime settings refer :


This Discussion