Manualshelf

TMS zl Management and Configuration Guide ST.1.2.100916

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1391139213931394139513961397139813991400
A-145
Command-Line Reference
IPsec Policy Context
Syntax: sa-lifetime seconds <seconds> kilobytes <kilobytes>
Replace <seconds> with the number of seconds that you want the SA to
remain open. Type a value between 300 (5 minutes) and 86400 (24 hours). Or
type 0 if you do not want to specify a lifetime in seconds (in this case, you
must specify a lifetime in kilobytes).
Replace <kilobytes> with the number of kilobytes that the SA can handle.
Type a value between 2560 and 4194304. Or type 0 if you do not want to specify
a lifetime in kilobytes (in this case, you must specify a lifetime in seconds).
When the lifetime of the SA reaches 80 percent of the total lifetime (in seconds
or kilobytes, whichever comes first), the TMS zl Module checks whether the
SA has experienced any activity. If it has, the module negotiates a new SA and
then deletes the old SA. If the SA is inactive, the module waits for the complete
lifetime to expire. Then, if the SA is still inactive, the module deletes the SA.
For example, to set the SA to expire in 28800 seconds or after handling 500,000
kilobytes, enter the following command:
hostswitch(tms-module-<slot ID>:ipsec:apply:auto)# sa-
lifetime seconds 28800 kilobytes 500000
IPsec Manual Keys Context
This context includes the commands specific for configuring an IPsec policy
that uses manual keying. (It is available only when the TMS zl Module is in
routing mode.)