search

Cisco 7100 Series Especificaciones Pagina 50

  • Descarga
  • Añadir a mis manuales
  • Imprimir
  • Pagina
    / 112
  • Tabla de contenidos
  • MARCADORES
    • Valorado. / 5. Basado en revisión del cliente
Vista de pagina 49
Step 3—Configuring Encryption
Cisco 7100 Series VPN Configuration Guide
3-20
Setting Global Lifetimes for IPSec Security Associations
Youcan change the global lifetime valueswhich are used whennegotiatingnewIPSec SAs.
(These global lifetime values can be overridden for a particular crypto map entry). These
lifetimes only apply to security associations established using IKE. Manually established
security associations do not expire.
There are two lifetimes: a “timed” lifetime and a “traffic-volume” lifetime. An SA expires
afterthe first of theselifetimes is reached. The defaultlifetimes are 3600seconds (one hour)
and 4,608,000 kilobytes (10 megabytes per second for one hour).
If you change a global lifetime, the new lifetime value will not be applied to currently
existing SAs, but will be used in the negotiation of subsequently established SAs. To use
the new values immediately, you can clear all or part of the SA database using the clear
crypto sa command.
IPSec SAs use one or more shared secret keys. These keys and their SAs time out together.
To change a global lifetime for IPSec SAs, enter one or more of the following commands
in global configuration mode:
Verifying Global Lifetimes for IPSec Security Associations
To verify the configuration:
Enter the show crypto ipsec security-association-lifetime EXEC command to see
global security association lifetime values.
hq-sanjose# show crypto ipsec security-association-lifetime
Security association lifetime:4608000 kilobytes/3600 seconds
Command Purpose
hq-sanjose(config)# crypto ipsec
security-association lifetime seconds 3600
Change the global timed lifetime for IPSec SAs.
This example configures the SA to time out after
3600 seconds.
hq-sanjose(config)# crypto ipsec
security-association lifetime kilobytes 4608000
Change the global traffic-volume lifetime for IPSec
SAs. This example configures the SA to time out
after 4,608,000 kilobytes of traffic have passed
through the IPSec tunnel using the SA.
Vista de pagina 49
1 2 ... 45 46 47 48 49 50 51 52 53 54 55 ... 111 112

Comentarios a estos manuales

Sin comentarios
Relacionado con productos y manuales para Redes Cisco 7100 Series
Redes Cisco VPN 3000 Manual de usuario   (25 paginas)
Redes Cisco WS-X6248-RJ-45 - Catalyst 6000 Expansion Module Manual de usuario   (42 paginas)
Redes Cisco MCS 7835 Series Manual de usuario   (9 paginas)
Redes Cisco 1802W Manual de usuario   (40 paginas)
Redes Cisco 4500M Guía de instalación   (32 paginas)
Redes Cisco WS-C3560-12PC-S - Catalyst 3560-12PC Switch Manual de usuario   (17 paginas)
Redes Cisco 7120-4T1 - 7120 Router Especificaciones   (24 paginas)
Redes Cisco VPN 3000 Guía de usuario   (502 paginas)
Redes Cisco EF3116 Manual de usuario   (8 paginas)
Redes Cisco CX-FEIP-2TX= Installation and con?guration Guía de usuario   (40 paginas)
Redes Cisco 826 Manual de usuario   (8 paginas)
Redes Cisco 1861 Manual de usuario   (13 paginas)
Redes Cisco TES301 Manual de usuario   (52 paginas)
Redes Cisco MGBSX1 Manual de usuario   (16 paginas)
Redes Cisco 1005 - 1005 Router Manual de usuario   (10 paginas)
Redes Cisco PA-2FE-TX Especificaciones   (60 paginas)
Redes Cisco 880 Series Manual de usuario   (18 paginas)
Redes Cisco 2520-RF - 2520 Router Especificaciones   (116 paginas)
Redes Cisco EPC3825 Manual de usuario   (8 paginas)
Redes Cisco DPC3008 Guía de usuario   (44 paginas)
  • AMC Ozaki Aeo-photo Delta Tau Daniel Hertz
  • Panasonic Los Sistemas De Control De Acceso De Seguridad Samsung Receptor LG Reproductores de cd Insignia Decodificadores de tv Cakewalk Equipo musical
  • Sealey G1000I Motorola MPX200 Philips SC5275/10 DisplayLink USB Display Adapter ATEN CN-6000
  • GE HMAA Guía de instalación Wacom CINTIQ 24 Manual de usuario Dimplex CX-MPC El manual del propietario Aeg-Electrolux 41016VH-WN Manual de usuario Samsung iDCS100 Manual de usuario