Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
573
Views
0
Helpful
1
Replies

can I change IKE,Transform set... without affecting IPSEC tunnels?

Go to solution
zhichao
Level 1
Level 1

‎06-01-2004 06:48 PM - edited ‎02-21-2020 01:11 PM

Hi

In the production network, can I change the IPSEC parameters, e.g. SA life time, Pre-shared key, etc...? Will these affect the tunnels?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎06-01-2004 08:12 PM

You can change them, they won't be used until the tunnel is rebuilt (every 1 hour by default for Phase 2 SA's, and every 24 hours for Phase 1). Make sure you change them on both sides of the tunnel though so they match up.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
gfullage
Cisco Employee
Cisco Employee

‎06-01-2004 08:12 PM

You can change them, they won't be used until the tunnel is rebuilt (every 1 hour by default for Phase 2 SA's, and every 24 hours for Phase 1). Make sure you change them on both sides of the tunnel though so they match up.

0 Helpful
Customers Also Viewed These Support Documents