Cisco Cisco Packet Data Gateway (PDG) Merkblatt
IKEv2 Security Association Configuration Mode Commands
lifetime ▀
Cisco ASR 5x00 Command Line Interface Reference ▄
6207
lifetime
Configures the lifetime of a security association (SA) in seconds.
Product
ePDG
PDIF
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > IKEv2 Security Association Configuration
configure > context context_name > ikev2-ikesa transform-set set_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(cfg-ctx-ikev2ikesa-tran-set)#
Syntax
lifetime sec
default lifetime
lifetime
sec
Sets the value of the timeout parameter in seconds as an integer from 60 through 86400. Default: 86400
Usage
The secret keys that are used for various aspects of a configuration should only be used for a limited amount
of time before timing out. This exposes a limited amount of data to the possibility of hacking. If the SA
expires, the options are then to either close the SA and open an new one, or renew the existing SA.
of time before timing out. This exposes a limited amount of data to the possibility of hacking. If the SA
expires, the options are then to either close the SA and open an new one, or renew the existing SA.
Example
The following command sets the lifetime timeout to 120 seconds:
lifetime 120