H3C MSR Series Command Reference Manual page 675
Comware 7 security
Hide thumbs
Also See for MSR Series:
- Command reference manual (174 pages) ,
- Configuration manual (80 pages) ,
- Manual (33 pages)
Table of Contents
Advertisement
Predefined user roles
network-admin
Parameters
seconds: Specifies the IKEv2 SA lifetime in seconds, in the range of 120 to 86400.
Usage guidelines
An IKEv2 SA can be used for subsequent IKEv2 negotiations before its lifetime expires, saving a lot
of negotiation time. However, the longer the lifetime, the higher the possibility that attackers collect
enough information and initiate attacks.
Two peers can have different IKEv2 SA lifetime settings, and they do not perform lifetime negotiation.
The peer with a shorter lifetime always initiates the rekeying.
Examples
# Create an IKEv2 profile named profile1.
<Sysname> system-view
[Sysname] ikev2 profile profile1
# Set the IKEv2 SA lifetime to 1200 seconds.
[Sysname-ikev2-profile-profile1] sa duration 1200
Related commands
display ikev2 profile
652
Advertisement
Table of Contents
