From: Phillip H. <ss...@gm...> - 2007-07-11 15:33:49
|
Is there anything that would be causing the SA to expire after 6 minutes instead of 30? I understand that if I specify 30, then it tries to renegotiate after 25. That's good, but it is expiring after 6 minutes, long before it tries to renegotiate. Could the other side be sending an expire message? I called my workplace and they said the vpn router is still set to lifetime 30 minutes like it has always been. Thanks, Phillip |
From: Phillip H. <ss...@gm...> - 2007-07-11 16:30:24
|
On 7/11/07, Phillip Hellewell <ss...@gm...> wrote: > > > Is there anything that would be causing the SA to expire after 6 minutes > instead of 30? > Nevermind, I just misunderstood what was happening. Looking at the spi values helped me figure it out. It "soft" expires after 24 minutes, renegotiates, then "hard" expires after 30 minutes (6 minutes later). That sounds good to me. Unfortunately, this means I've been chasing a red herring... Oh well, back to the drawing board. I'm sure I'll figure out eventually why the tunnel is being flaky. Phillip |