Table of Contents
Advertisement
tunnel lifetime
tunnel local-identity
Example 3
host1(config-if)#tunnel destination identity
user4919@branch245.customer77.isp.net
Use the no version to remove the address.
See tunnel destination.
Use to set the renegotiation time of the SAs in use by this tunnel.
To configure the lifetime in number of seconds, use the seconds keyword to
specify the lifetime in the range 1800–864000.The default value is 28800 seconds.
To configure the lifetime in amount of traffic, use the kilobytes keyword to
specify the lifetime in the range 102400–4294967295. The default is an unlimited
volume.
If you include the seconds keyword as the first keyword on the command line,
you can also include the kilobytes keyword on the same line.
Before either the volume of traffic or number of seconds limit is reached, the SA
is renegotiated, which ensures that the tunnel does not go down during
renegotiation.
Example
host1(config-if)#tunnel lifetime seconds 48000 kilobytes 249000
Use the no version to restore the default lifetime (28800 seconds) and an
unlimited volume.
See tunnel lifetime.
Use to configure the local identity (selector) of the tunnel. Specify the identity
using one of the following keywords:
address Specifies an IP address as the local identity
subnet Specifies a subnet as the local identity
range Specifies a range of IP addresses as the local identity
Example 1
host1(config-if)#tunnel local-identity range 10.10.1.1 10.10.2.1
Example 2
host1(config-if)#tunnel local-identity subnet 10.10.1.1 255.255.255.0
Use the no version to restore the default identity, which is subnet 0.0.0.0
0.0.0.0
See tunnel local-identity.
Chapter 5: Configuring IPSec
151
Configuration Tasks
Advertisement
Table of Contents
