Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.

ISAKMP SA Lifetime question

Hi,

Is it possible to shorten the lifetime of ISAKMP SA's of dynamic remote VPN clients to 1 hr, but leave it alone (default is 24 hrs) for static VPN's? It seems this is a global setting that effects all VPN's equally, is this correct? Thanks, Mitchell

1 ACCEPTED SOLUTION

Accepted Solutions

Re: ISAKMP SA Lifetime question

crypto isakmp policy 1

lifetime 60

crypto isakmp policy 2

lifetime 86400*

*Since its the default you don't actually have to type it.

4 REPLIES

Re: ISAKMP SA Lifetime question

Yes, use different ISAKMP policies for each type of connection.

Gold

Re: ISAKMP SA Lifetime question

do these vpn's terminate on an asa or router?

Re: ISAKMP SA Lifetime question

The VPN's terminate on a 2851 ISR.

Re: ISAKMP SA Lifetime question

crypto isakmp policy 1

lifetime 60

crypto isakmp policy 2

lifetime 86400*

*Since its the default you don't actually have to type it.

204
Views
0
Helpful
4
Replies
CreatePlease to create content