Crypto Isakmp Invalid-Spi-Recovery; Crypto Isakmp Nat Keepalive - Avaya G450 Cli Reference Manual
Hide thumbs
Also See for G450:
- Manual (736 pages) ,
- Installing and upgrading (324 pages) ,
- Install book (190 pages)
Table of Contents
Advertisement
Example
To set the IKE phase 2 SA lifetime to 300 seconds
G450-001(config-transform:ts1)# set security-association lifetime seconds 300
Related Commands
crypto ipsec
transform-set, mode,
crypto isakmp invalid-spi-recovery
Use the crypto isakmp invalid-spi-recovery command to enable invalid SPI
recovery (default setting). Use the no form of the command to disable invalid SPI recovery.
Syntax
[no] crypto isakmp invalid-spi-recovery
User Level
read-write
Context
general
Example
To enable invalid SPI recovery:
G450-001(super)# no crypto isakmp invalid-spi-recovery
Related Commands
ip crypto-group
crypto isakmp nat keepalive
NAT Traversal keepalive is enabled in the device by default. Use the crypto isakmp nat
keepalive command to re-enable NAT Traversal keepalive if it was disabled, and configure
the keepalive interval. The purpose of this command is to keep the NAT devices tables updated.
Use the no form of the command to disable NAT Traversal keepalives.
Tip:
Set the NAT Traversal keepalive interval to be less than the NAT translation aging
Tip:
time on the NAT device.
set
pfs,
show crypto ipsec transform-set
Issue 1 January 2008
VPN
1213
Advertisement
Table of Contents
