Re: [Ipsec-tools-devel] racoon 0.7 w/ sidewinder

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

OK I just spoke with the firewall admin and he showed me the firewall
config screen.

Phase 1 (ISAKMP) has a lifetime of 3600 seconds.

Phase 2 (IPSEC) has a lifetime of 700 seconds.

Does this mean that remote = 3600 and sainfo = 700?

Thanks in advance for your help!  Hopefully I can get off of WinXP for
my main workstation.

Don.

On Dec 21, 2007 4:21 PM, Don Seiler <do...@se...> wrote:
> On Dec 21, 2007 4:19 PM, Matthew Grooms <mg...@sh...> wrote:
> > Assuming this is the same problem you and Fred were investigating
> > earlier, yes. Set the sainfo lifetime to 3600 not the remote lifetime.
> > This should avoid the situation where the peer generates a phase2
> > RESPONDER-LIFETIME message and things should just work.

-- 
Don Seiler
http://seilerwerks.wordpress.com
ultimate: http://www.mufc.us