On 2012-04-11, Christian Weisgerber <na...@mips.inka.de> wrote:
> Andre Ruppert <a...@in-telegence.net> wrote:
>
>> is there any chance (perhaps in the future) to integrate lifetime
>> parameters via ipsecctl --> ipsec.conf or will I be forced to keep on
>> using isakmpd.conf?
>
> There is lifetime code in ipsecctl.  I don't know if its absence
> from the man page is an accidental omission or if the code is
> incomplete.
>

IIRC, it looks like it should work per-peer but can actually
only be used to set lifetimes for the default peer. Examination of
the output from ipsecctl -nvf /etc/ipsec.conf would confirm this.

Reply via email to