09-02-2015 10:50 PM
Could someone help me understand Difference between soft lifetime and hard life time in IPSEC VPN
09-03-2015 11:30 AM
Soft lifetime:
The time interval after which a router/firewall creates a new IPSEC SA (identified by its SPI value) before the existing IPSEC SA one is expires is called IPSEC Soft Lifetime
Hard Lifetime:
The time interval after which an existing IPSEC SA (currently being used for encryption and decryption) expires is called IPSEC Hard Lifetime
Soft Lifetime is always less than the Hard Lifetime.
Eg: If the IPSEC SA lifetime is 3600 secs/1 hour then this is called IPSEC Hard Life time.
The IPSEC Soft Lifetime would be 80% of 3600sec/1hr, that is 2880 secs
The exact value depends upon vendor implementation.
Hope this helps.
Kunal
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
