Cisco Cisco Packet Data Gateway (PDG) Merkblatt
Crypto Template IKEv2-Dynamic Payload Configuration Mode Commands
lifetime ▀
Cisco ASR 5x00 Command Line Interface Reference ▄
2855
lifetime
Configures the number of seconds for IPSec Child SAs derived from this crypto template payload to exist.
Product
All Security Gateway products
Privilege
Security Administrator
Mode
Exec > Global Configuration > Context Configuration > Crypto Template Configuration > Crypto Template IKEv2-
Dynamic Payload Configuration
Dynamic Payload Configuration
configure > context context_name > crypto template template_name ikev2-dynamic > payload
payload_name match childsa
payload_name match childsa
match
{ any | ipv4 | ipv6 }
Entering the above command sequence results in the following prompt:
[context_name]host_name(cfg-crypto-tmpl-ikev2-tunnel-payload)#
Syntax
lifetime { sec [ kilo-bytes kbytes ] | kilo-bytes kbytes }
default lifetime
sec
Specifies the number of seconds for IPSec Child Security Associations derived from this crypto template
payload to exist.
payload to exist.
sec
must be an integer from 60 through 604800. Default: 86400
kilo-bytes kbytes
Specifies lifetime in kilobytes for IPSec Child Security Associations derived from this crypto template
payload.
payload.
kbytes
must be an integer from 1 through 2147483647.
default lifetime
Sets the lifetime to its default value of 86400 seconds.
Usage
Use this command to configure the number of seconds and/or kilobytes for IPSec Child Security Associations
derived from this crypto template payload to exist.
derived from this crypto template payload to exist.
Example
The following command configures the IPSec child SA lifetime to be
120
seconds:
lifetime 120