From: Krzysztof O. <ol...@an...> - 2005-07-08 09:55:44
|
On Thu, 7 Jul 2005, Arkadiusz Patyk wrote: > On Thu, 7 Jul 2005 21:37:35 +0200, you wrote: > >> On Thu, Jul 07, 2005 at 05:59:57PM +0200, Arkadiusz Patyk wrote: >>> Hi, >>> >>> Linux 2.6.11.10 >>> ipsec-tools 0.6 >>> >> [....] >>> How to change soft lifetime on racoon to be always 30s? >> >> Not sure it is the good solution.... > > What is the proper solution this issue ? > >> There should be a similar configuration on Linux stack (or just always >> use new SA, I never saw real problems with always doing that). > > I can't found this on Linux stack ;( > Where is the main problem - cisco protocol implementation is broken ? It seems both are broken IMHO. Cisco should accept old key as long it is=20 valid, linux should use new key when it has one. You may try to describe your problem with IPSec implementatnio in Linux=20 at ne...@os... and wait for fix in kernel. Best regards, =09=09=09Krzysztof Ol=EAdzki |