cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
366
Views
0
Helpful
1
Replies
Khaleelur Rahman
Beginner

What is life time in IPSec VPN?

Hi there,

 

Please help me to understand the below topics about Lifetime & PFS.

 

1. What is Lifetime in IPSec VPN?

2. Default P1 Lifetime and What happens after that.?

3. Default P2 Lifetime and What happens after that.?

4. What is PFS?

 

thank you with anticipation.

 

Best Regards,

Khaleelur Rahman

1 REPLY 1
Bogdan Nita
Rising star

Hi @Khaleelur Rahman,

1. the lifetime is basically the time interval the vpn peers use a set of keys to encrypt data over the tunnel
2. I believe it is 24h on ASAs, after the keys expire new set of keys will be negociated
3. I believe this one is 8h on ASAs, same as with phase 1, they new keys will be renegociated after lifetime expires
4. with PFS enabled Diffie-Hellman key exchange will be performed for phase 2 as well

 

HTH

Bogdan

Content for Community-Ad