Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
814
Views
0
Helpful
1
Replies

What is life time in IPSec VPN?

Khaleelur Rahman
Level 1
Level 1

ā€Ž06-06-2018 02:15 AM - edited ā€Ž03-12-2019 05:20 AM

Hi there,

 

Please help me to understand the below topics about Lifetime & PFS.

 

1. What is Lifetime in IPSec VPN?

2. Default P1 Lifetime and What happens after that.?

3. Default P2 Lifetime and What happens after that.?

4. What is PFS?

 

thank you with anticipation.

 

Best Regards,

Khaleelur Rahman

Labels:
0 Helpful
1 Reply 1

Bogdan Nita
VIP Alumni
VIP Alumni

ā€Ž06-06-2018 02:59 AM

Hi @Khaleelur Rahman,

1. the lifetime is basically the time interval the vpn peers use a set of keys to encrypt data over the tunnel
2. I believe it is 24h on ASAs, after the keys expire new set of keys will be negociated
3. I believe this one is 8h on ASAs, same as with phase 1, they new keys will be renegociated after lifetime expires
4. with PFS enabled Diffie-Hellman key exchange will be performed for phase 2 as well

 

HTH

Bogdan

0 Helpful
Customers Also Viewed These Support Documents