Crypto lifetime question

Unanswered Question
Apr 16th, 2008

Hi, I have a few VPN's connected to my Cisco Concentrator and ASA. The thing is I have never set the life time on the tunnel on the regional sites configs (877's, 1841's), althought on the ASA and Concentrator I have.

What problem's would this create and should I set this?

e.g. Set security-association lifetime seconds 28800

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
smahbub Tue, 04/22/2008 - 06:16

To override the global lifetime value for a particular crypto map entry, which is used when negotiating IP Security security associations,the "set security-association lifetime" command is used in crypto map configuration mode.

Command Syntax:

set security-association lifetime {seconds seconds | kilobytes kilobytes}

For more details about this lifetime settings refer :

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_s2.html#wp1012639

Actions

This Discussion