Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

515e l2l Idle Timeout

Hi,

I have a couple of l2l vpns running to other 515e's. When i look in the monitoring section of the ASDM it shows

Idle Time Out: 30 minutes

In the Ipsec section. I can't find a value for this in the CLI, does anyone know if its configurable?

regards

J Mack

1 REPLY
Hall of Fame Super Blue

Re: 515e l2l Idle Timeout

Hi

In the CLI there will be 2 timouts

1) Phase 1 - look for a "crypto isakmp polci "no" lifietime" line.

2) Phase 2 - look for a "crypto map "map name" "no" set security association lifetime" line.

You can modify both but be aware that you would need to modify the other end of your VPN tunnel as well or the IPSEC tunnel might not work.

HTH

Jon

245
Views
0
Helpful
1
Replies
CreatePlease to create content