ike-lifetime

crypto-auto-ipsec-tunnel commands

Configures the IKE SA‘s key lifetime in seconds

The lifetime defines how long a connection (encryption/authentication keys) should last, from successful key negotiation to expiration. Two peers need not exactly agree on the lifetime, though if they do not, there is some clutter for a superseded connection on the peer defining the lifetime as longer.

Supported in the following platforms:

Syntax

ike-lifetime <600-86400>

Parameters

ike-lifetime <600-86400>
ike-lifetime <600-86400> Sets the IKE SA‘s key lifetime in seconds
  • <600-86400> – Specify a value fro m 600 - 86400 seconds. The default is 8600 seconds.

Example

nx9500-6C8809(config-profile-testAP8533-crypto-auto-ipsec-secure)#ike-lifetime 800

nx9500-6C8809(config-profile-testAP8533-crypto-auto-ipsec-secure)#show context crypto auto-ipsec-secure
  ike-lifetime 800
nx9500-6C8809(config-profile-testAP8533-crypto-auto-ipsec-secure)#