Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
391
Views
0
Helpful
1
Replies

rekeying timer

0tscherer
Level 1
Level 1

‎11-20-2008 05:54 AM - edited ‎03-11-2019 07:15 AM

Hello,

i have a problem with the rekeying timer of an ASA5505.

The setting is:

crypto isakmp policy 10

authentication pre-share

encryption 3des

hash md5

group 5

lifetime 28800

and the ASA show this :

IKE:

Tunnel ID : 556.1

UDP Src Port : 500 UDP Dst Port : 500

IKE Neg Mode : Main Auth Mode : preSharedKeys

Encryption : 3DES Hashing : MD5

Rekey Int (T): 28800 Seconds Rekey Left(T): 26594 Seconds

D/H Group : 5

Filter Name :

but the real rekeying time is 21600 seconds.

The other sides is working with the same parameters and the VPN seems OK.

Does anyone knows why there is a different of 2h ??

Regards

Dieter

Labels:
0 Helpful
1 Reply 1

sadbulali
Level 4
Level 4

‎11-27-2008 07:31 PM

Can you provide the error message you are getting so that we will be able to identify the cause and resolve the same.Also check for the configuration so that errors in configuration can be avoided.The timers need to be of the same value.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card