Cisco Cisco Packet Data Gateway (PDG)
lifetime
Configures the lifetime of a security association (SA) in seconds.
Product
ePDG
PDIF
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > IKEv2 Security Association Configuration
configure > context context_name > ikev2-ikesa transform-set set_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(cfg-ctx-ikev2ikesa-tran-set)#
Syntax Description
lifetime sec
default lifetime
default lifetime
lifetime sec
Sets the value of the timeout parameter in seconds as an integer from 60 through 86400. Default: 86400
Usage Guidelines
The secret keys that are used for various aspects of a configuration should only be used for a limited amount
of time before timing out. This exposes a limited amount of data to the possibility of hacking. If the SA expires,
the options are then to either close the SA and open an new one, or renew the existing SA.
of time before timing out. This exposes a limited amount of data to the possibility of hacking. If the SA expires,
the options are then to either close the SA and open an new one, or renew the existing SA.
Examples
The following command sets the lifetime timeout to 120 seconds:
lifetime 120
lifetime 120
Command Line Interface Reference, Modes I - Q, StarOS Release 19
21
IKEv2 Security Association Configuration Mode Commands
lifetime