Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
941
Views
0
Helpful
4
Replies

ISAKMP SA Lifetime question

Go to solution
northtexasnetworks
Level 1
Level 1

‎06-11-2009 02:59 PM

Hi,

Is it possible to shorten the lifetime of ISAKMP SA's of dynamic remote VPN clients to 1 hr, but leave it alone (default is 24 hrs) for static VPN's? It seems this is a global setting that effects all VPN's equally, is this correct? Thanks, Mitchell

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
pompeychimes
Level 4
Level 4
In response to northtexasnetworks

‎06-12-2009 07:48 AM

crypto isakmp policy 1

lifetime 60

crypto isakmp policy 2

lifetime 86400*

*Since its the default you don't actually have to type it.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
pompeychimes
Level 4
Level 4

‎06-11-2009 08:10 PM

Yes, use different ISAKMP policies for each type of connection.

0 Helpful

Go to solution
srue
Level 7
Level 7
In response to pompeychimes

‎06-12-2009 06:23 AM

do these vpn's terminate on an asa or router?

0 Helpful

Go to solution
northtexasnetworks
Level 1
Level 1
In response to srue

‎06-12-2009 07:39 AM

The VPN's terminate on a 2851 ISR.

0 Helpful

Go to solution
pompeychimes
Level 4
Level 4
In response to northtexasnetworks

‎06-12-2009 07:48 AM

crypto isakmp policy 1

lifetime 60

crypto isakmp policy 2

lifetime 86400*

*Since its the default you don't actually have to type it.

0 Helpful
Customers Also Viewed These Support Documents