Hi Igor, If there's no traffic, the VPN will probably end after the shorter of the Phase 1 lifetimes. I think Phase 2 can renew for up to the applicable Phase 1 lifetime.
Look into the VPN Monitor functions in the AutoKey IKE definition (Advanced properties). I think if you turn on Monitor and enable Rekey it may keep your VPN up regardless of the lifetime settings because it renews the sessions when the lifetime is up. It may only apply to site-to-site VPNs though (not dial-up VPNs). -----Original Message----- From: Igor Birman <[email protected]> Date: Fri, 9 Jul 2010 21:53:59 To: <[email protected]> Subject: [vpn-help] Timeouts? Can someone explain timeouts with ShrewSoft VPN Client and Juniper SSG Routers? My goal is to set it up so it basically never times out - once a user signs on I want them to stay signed on until they reboot their computer. In Shrew Soft, I have a Key Life Time limit of 86400 seconds for Phase 1, and 3600 seconds for phase 2, but I am not sure what that means - will it time out after 24 hours, or will it stay connected? On the SSG, the P1 proposal is set to 28800, and the P2 life time is 3600, but again, I am not sure what that means. Thanks! Igor Igor Birman http://www.cyberigor.com || http://www.pbase.com/ibirman || http://www.MyYellowPad.com _______________________________________________ vpn-help mailing list [email protected] http://lists.shrew.net/mailman/listinfo/vpn-help
