ISAKMP SA Lifetime question

Answered Question
Jun 11th, 2009

Hi,

Is it possible to shorten the lifetime of ISAKMP SA's of dynamic remote VPN clients to 1 hr, but leave it alone (default is 24 hrs) for static VPN's? It seems this is a global setting that effects all VPN's equally, is this correct? Thanks, Mitchell

Correct Answer by pompeychimes about 7 years 8 months ago

crypto isakmp policy 1

lifetime 60


crypto isakmp policy 2

lifetime 86400*


*Since its the default you don't actually have to type it.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
srue Fri, 06/12/2009 - 06:23

do these vpn's terminate on an asa or router?

Correct Answer
pompeychimes Fri, 06/12/2009 - 07:48

crypto isakmp policy 1

lifetime 60


crypto isakmp policy 2

lifetime 86400*


*Since its the default you don't actually have to type it.

Actions

This Discussion