Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

rekeying timer

Hello,

i have a problem with the rekeying timer of an ASA5505.

The setting is:

crypto isakmp policy 10

authentication pre-share

encryption 3des

hash md5

group 5

lifetime 28800

and the ASA show this :

IKE:

Tunnel ID : 556.1

UDP Src Port : 500 UDP Dst Port : 500

IKE Neg Mode : Main Auth Mode : preSharedKeys

Encryption : 3DES Hashing : MD5

Rekey Int (T): 28800 Seconds Rekey Left(T): 26594 Seconds

D/H Group : 5

Filter Name :

but the real rekeying time is 21600 seconds.

The other sides is working with the same parameters and the VPN seems OK.

Does anyone knows why there is a different of 2h ??

Regards

Dieter

1 REPLY
Community Member

Re: rekeying timer

Can you provide the error message you are getting so that we will be able to identify the cause and resolve the same.Also check for the configuration so that errors in configuration can be avoided.The timers need to be of the same value.

259
Views
0
Helpful
1
Replies
CreatePlease to create content