[vpn-help] Timeouts?
kevin shrew-vpn
klmlk at hotmail.com
Fri Jul 9 17:13:02 CDT 2010
Hi Igor,
If there's no traffic, the VPN will probably end after the shorter of the Phase 1 lifetimes. I think Phase 2 can renew for up to the applicable Phase 1 lifetime.
Look into the VPN Monitor functions in the AutoKey IKE definition (Advanced properties). I think if you turn on Monitor and enable Rekey it may keep your VPN up regardless of the lifetime settings because it renews the sessions when the lifetime is up. It may only apply to site-to-site VPNs though (not dial-up VPNs).
-----Original Message-----
From: Igor Birman <igor_birman at yahoo.com>
Date: Fri, 9 Jul 2010 21:53:59
To: <vpn-help at lists.shrew.net>
Subject: [vpn-help] Timeouts?
Can someone explain timeouts with ShrewSoft VPN Client and Juniper SSG Routers? My goal is to set it up so it basically never times out - once a user signs on I want them to stay signed on until they reboot their computer.
In Shrew Soft, I have a Key Life Time limit of 86400 seconds for Phase 1, and 3600 seconds for phase 2, but I am not sure what that means - will it time out after 24 hours, or will it stay connected?
On the SSG, the P1 proposal is set to 28800, and the P2 life time is 3600, but again, I am not sure what that means.
Thanks!
Igor
Igor Birman
http://www.cyberigor.com || http://www.pbase.com/ibirman || http://www.MyYellowPad.com
More information about the vpn-help
mailing list