Set Ipsec Ike Lifetime; Set Ipsec Ike Phase1 - Enterasys C3G124-24 Configuration Manual

set ipsec ike lifetime

set ipsec ike lifetime
Use this command to define the IKE timeout interval.
Syntax
set ipsec ike lifetime {[bandwidth bytes] | [main minutes] | [quick minutes]}
Parameters
bandwidth bytes
main minutes
quick minutes
Defaults
The default IKE lifetime timeout interval for main mode is 60 minutes.
The default IKE lifetime timeout interval for quick mode is 5 minutes.
The default IKE lifetime bandwith limit is 100000 bytes
Mode
Switch command, read-write, if the security profile = normal.
Switch command, super-user, if the security profile = C2.
Example
This example sets the IKE quick mode lifetime interval to 20 minutes.
C3(su)->set ipsec ike lifetime quick 20

set ipsec ike phase1

Use this command to configure the mode for Phase 1 of establishing an IPsec connection (ISAKMP
Security Association).
Syntax
set ipsec ike phase1 {main | aggressive}
Parameters
main
Specifies the lifetime bandwidth limit in bytes. Valid range is from 1 to
2147483647 bytes. Default is 100000 bytes.
Specifies the lifetime timeout interval for main mode in minutes. Value
range is from 1 to 1440 minutes. Default is 60 minutes.
Specifies the lifetime timeout interval for quick mode in minutes. Value
range is from 1 to 1440 minutes. Default is 5 minutes.
Note: Currently, only main mode is supported.
The more secure mode that uses three separate message exchanges for a
total of six messages. The first two messages negotiate policy, the next
two exchange Diffie-Hellman data, and the last two authenticate the
Diffie-Hellman exchange.
Configuring IPsec
Enterasys C3 Configuration Guide 33-5