07-28-2009 04:06 AM - edited 03-11-2019 08:59 AM
Hi,
I'm on my cisco asa 5520 firewall. What command can I run to find out the re-negotiate time on ipsec phase 2 for the sessions I have configured?
Thanks
Dan
Solved! Go to Solution.
07-28-2009 04:48 AM
Dan,
The quickest way to get there is probably 'show run | in crypto ipsec'. The command you are looking for is 'crypto ipsec security-association lifetime'.
If you do not see it configured, then your ASA is using the default time of 28,800 seconds (8 hours).
'crypto ipsec security-association lifetime' Command Reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c5.html#wp2190165
Hope that helps.
-Mike
07-28-2009 04:48 AM
Dan,
The quickest way to get there is probably 'show run | in crypto ipsec'. The command you are looking for is 'crypto ipsec security-association lifetime'.
If you do not see it configured, then your ASA is using the default time of 28,800 seconds (8 hours).
'crypto ipsec security-association lifetime' Command Reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/c5.html#wp2190165
Hope that helps.
-Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide