Log in to ask questions, share your expertise, or stay connected to content. Don’t have a login? Join now.
You can get the lifetime for both isakmp & ipsec from the following two commands, 8 hours for IKE, 2 hours for IPSEC. These values are hardcoded into the controller, and are not configurable. (RAP-Local) #show crypto isakmp sa peer 76.103.139.111 Initiator IP: 76.103.139.111Responder IP: 10.1.1.241Initiator: NoInitiator cookie:acb7b8a76a914114 Responder cookie:b2bb5e899fcef63bSA Creation Date: Tue Oct 8 08:26:30 2013Life secs: 28800 ===>8 hoursInitiator Phase1 ID: ipv4/10.0.0.2Responder Phase1 ID: ipv4/10.1.1.241Exchange Type: Main modePhase1 Transform: EncAlg:AES HashAlg:SHA DHGroup:#2(1024 bit)Authentication method: XAuth with Pre-Shared KeyXAuth IP 10.240.14.157, Phase 2 passedIPSEC SA Rekey Number: 4Aruba APReference count: 2 (RAP-Local) #show crypto ipsec sa peer 76.103.139.111 Initiator IP: 76.103.139.111Responder IP: 10.1.1.241Initiator: NoInitiator cookie:acb7b8a76a914114 Responder cookie:b2bb5e899fcef63bSA Creation Date: Tue Oct 8 11:32:37 2013Life secs: 7200 ======>2hoursInitiator Phase2 ID: 10.240.14.157/255.255.255.255Responder Phase2 ID: 0.0.0.0/0.0.0.0Phase2 Transform: EncAlg:esp-aes256 HMAC:esp-sha-hmacEncapsulation Mode:UDP-encapsulated Tunnel PFS: NoOUT SPI 5ffda300, IN SPI 6eb9b600Inner IP 10.240.14.157, internal type CAruba APReference count: 3
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.