[strongSwan] Parameters used for phase 1 and phase 2 re-negotiation
Andreas Steffen
andreas.steffen at strongswan.org
Tue Jan 31 12:52:22 CET 2012
Hello Meera,
ikelifetime defines the phase1 re-negotiation interval whereas
lifetime (the new synonym for the old FreeS/WAN keylife parameter)
determines the phase2 rekeying interval.
Regards
Andreas
lifetime or On 01/31/2012 10:04 AM, Meera Sudhakar wrote:
> Hi,
>
> I am a bit confused with the parameters "ikelifetime" and "lifetime". I
> believe "ikelifetime" re-negotiates phase 1 according to the value we
> assign it. What about "lifetime"? The strongSwan wiki says "how long a
> particular instance of a connection (a set of encryption/authentication
> keys for user packets) should last, from successful negotiation to
> expiry". So is this also for phase 1?
> In that case, what paramater should I use to re-negotiate phase 2?
> Sorry if these questions seem silly :(
>
> Thanks and regards,
> Meera
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list