[c-nsp] Cisco - Netscreen VPN
Church, Chuck
cchurch at netcogov.com
Thu Oct 13 12:48:08 EDT 2005
I seem to remember (maybe at Networkers) a new IOS feature that would
allow IPSec SAs to rebuild before the previous one expires. Not sure if
the NetScreen would support that though. Nor can I even figure out what
Cisco is calling this technology. Seemed to be related to QOS and VPN.
Chuck Church
Lead Design Engineer
CCIE #8776, MCNE, MCSE
Netco Government Services - Design & Implementation
1210 N. Parker Rd.
Greenville, SC 29609
Home office: 864-335-9473
Cell: 703-819-3495
cchurch at netcogov.com
PGP key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x4371A48D
-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Ryan O'Connell
Sent: Thursday, October 13, 2005 12:10 PM
To: Luan Nguyen
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] Cisco - Netscreen VPN
On 13/10/2005 17:00, Luan Nguyen wrote:
>Cisco default is 3600 for ipsec which the same as NS. So yeah, try
changing
>the lifetime of isakmp to 28800.
>
>
Unfortunately that just means it breaks a couple of times a day instead
of hourly...
_______________________________________________
cisco-nsp mailing list cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list