Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

PIX VPN - Setting Crypto Lifetimes

Is it possible to set the crypto lifetime to reset based only on time and not kilobytes? I'd like the crypto lifetime to rest after 28800 seconds (8 hours) with an unlimited kilobyes setting.

Example:

crypto map testvpn 10 set security-association lifetime seconds 28800

Thanks-

1 REPLY
Community Member

Re: PIX VPN - Setting Crypto Lifetimes

I think there is always a kilobyte value by default even with "crypto map testvpn 10 set security-association lifetime seconds 28800" so you're traped into having a limited kilobyte setting.

(Cisco gurus please correct me if I am wrong).

I see only one way to do that : enter a big value of kilobytes (superior of your network bandwidth for the amount of time required). But well this value has a maximum (and for some firewalls it could be quite low).

But I hope I helped a little.

Thomas

92
Views
0
Helpful
1
Replies
CreatePlease to create content