From: Don S. <do...@se...> - 2007-12-21 22:27:48
|
OK I just spoke with the firewall admin and he showed me the firewall config screen. Phase 1 (ISAKMP) has a lifetime of 3600 seconds. Phase 2 (IPSEC) has a lifetime of 700 seconds. Does this mean that remote = 3600 and sainfo = 700? Thanks in advance for your help! Hopefully I can get off of WinXP for my main workstation. Don. On Dec 21, 2007 4:21 PM, Don Seiler <do...@se...> wrote: > On Dec 21, 2007 4:19 PM, Matthew Grooms <mg...@sh...> wrote: > > Assuming this is the same problem you and Fred were investigating > > earlier, yes. Set the sainfo lifetime to 3600 not the remote lifetime. > > This should avoid the situation where the peer generates a phase2 > > RESPONDER-LIFETIME message and things should just work. -- Don Seiler http://seilerwerks.wordpress.com ultimate: http://www.mufc.us |