Okay, I will, Is this having the effect of dropping the tunnel. I never
catch it when it's down, so i don't know.
Adam
On 4/3/2012 10:59 AM, Antonio Cortes Alhambra (INCATEL) wrote:
Swap this lifetimes
Phase 1 - 28800 seconds
Phase 2 - 3600 seconds
phase 1 lifetime must be greather tan phase 2 lifetime.
This values are ok
:)
Regards
Atte.,
Antonio Cortés Alhambra
-----Original Message-----
From: Adam Piasecki [mailto:[email protected]]
Sent: Tuesday, April 03, 2012 11:43 AM
To: [email protected]
Cc: 'pfSense support and discussion'
Subject: Re: [pfSense] IPSec Tunnel Negotiation?
Phase 1 - 3600 seconds
Phase 2 - 28800 seconds
On 4/3/2012 10:37 AM, Antonio Cortes Alhambra (INCATEL) wrote:
Whats is your (and your peer) Key Life Time Limit in phase 1 and phase 2
??
Atte.,
Antonio Cortés Alhambra
-----Original Message-----
From: [email protected]
[mailto:[email protected]]
On Behalf Of Adam Piasecki
Sent: Tuesday, April 03, 2012 11:11 AM
To: pfSense support and discussion
Subject: [pfSense] IPSec Tunnel Negotiation?
The IPSec Tunnel works great, but i was wondering about the following
message. Seems to be happening ever hour or so. Just wondering if it
has any negative effects (Tunnel dropping, drop packets, ect)
Apr 3 07:54:43 racoon: [XXXX]: INFO: ISAKMP-SA established
1.1.1.1[500]-1.1.1.1[500] spi:aaf2be14269bf3c9:3429812c9d3a2775
Apr 3 07:54:43 racoon: [XXXX]: INFO: respond new phase 1
negotiation: 1.1.1.1[500]<=>1.1.1.1[500]
Apr 3 07:18:42 racoon: [XXXX]: INFO: ISAKMP-SA deleted
1.1.1.1[500]-1.1.1.1[500] spi:fcdef781c8f072a2:d572f427235b4d7d
Apr 3 07:18:42 racoon: [XXXX]: INFO: ISAKMP-SA expired
1.1.1.1[500]-1.1.1.1[500] spi:fcdef781c8f072a2:d572f427235b4d7d
--
Adam M Piasecki
MidAtlanticBroadband
Office: 410-727-8250 x 123
Cell: 940-224-4837
Fax: 410-727-8245
_______________________________________________
List mailing list
[email protected]
http://lists.pfsense.org/mailman/listinfo/list
