set security-association lifetime

Last Updated : Nov 06, 2012 |

Sets the IKE phase 2 (IPSec) SA (security-association) lifetime. Use no set security-association lifetime to disable the SA lifetime.

Syntax

[no] set security-association lifetime { seconds seconds | kilobytes {kilobytes | disable} }


Parameter	Description	Possible Values
seconds	Keyword indicating to specify the lifetime in seconds
seconds	The lifetime, in seconds	120-86,400
kilobytes	Keyword indicating to specify the lifetime by the amount of traffic that should pass through the IPSec tunnel before the security association should time out
kilobytes	The amount of traffic, in kilobytes	2,560-536,870,912
disable	Keyword specifying unlimited lifetime

read-write

crypto ipsec transform-set

To set the IKE phase 2 SA lifetime to 300 seconds

Gxxx-001(config-transform:ts1)# set security-association lifetime seconds 300

Send Feedback