Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

IPSec Security Association Lifetime

I just recently updated to 8.4(3).  I noticed that our any connect users are being dropped after 8hours of being connected.  I have the Max Connect time and Idle Timeout set to unlimited for the group policy they are using.  Could the IPSec Security Association Lifetime be causing connections to drop after 8 hours(It is currently set to 8 hours)?  I don't recall seeing this setting in earlier versions of ASA.  Can these settings be removed?

Thanks in advance.

2 REPLIES

IPSec Security Association Lifetime

Hello,

No, as Anyconect is SSL based, none of the settings for the IP SA will affect the Anyconect tunnel.

Regards,

Julio

Do rate all the helpful posts!

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
New Member

IPSec Security Association Lifetime

We are using Anyconnect with IKEv2 instead of SSL.  Would it affect it then?

635
Views
0
Helpful
2
Replies
CreatePlease to create content