Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
957
Views
0
Helpful
2
Replies

IPSec Security Association Lifetime

wngwngwng
Level 1
Level 1

‎04-19-2012 11:22 AM - edited ‎02-21-2020 06:01 PM

I just recently updated to 8.4(3).  I noticed that our any connect users are being dropped after 8hours of being connected.  I have the Max Connect time and Idle Timeout set to unlimited for the group policy they are using.  Could the IPSec Security Association Lifetime be causing connections to drop after 8 hours(It is currently set to 8 hours)?  I don't recall seeing this setting in earlier versions of ASA.  Can these settings be removed?

Thanks in advance.

Labels:
0 Helpful
2 Replies 2

Julio Carvajal
VIP Alumni
VIP Alumni

‎04-19-2012 12:45 PM

Hello,

No, as Anyconect is SSL based, none of the settings for the IP SA will affect the Anyconect tunnel.

Regards,

Julio

Do rate all the helpful posts!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

wngwngwng
Level 1
Level 1
In response to Julio Carvajal

‎04-19-2012 12:50 PM

We are using Anyconnect with IKEv2 instead of SSL.  Would it affect it then?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents