From owner-freebsd-questions@FreeBSD.ORG Thu Oct 14 14:46:46 2010 Return-Path: Delivered-To: questions@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 26DF5106566C for ; Thu, 14 Oct 2010 14:46:46 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es [85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id D66258FC1B for ; Thu, 14 Oct 2010 14:46:45 +0000 (UTC) Received: from beta.1-16-172-dyn.locolomo.org (unknown [172.16.1.127]) by mail.locolomo.org (Postfix) with ESMTPSA id 8599A1C0847 for ; Thu, 14 Oct 2010 16:26:47 +0200 (CEST) Message-ID: <4CB71326.3030301@locolomo.org> Date: Thu, 14 Oct 2010 16:26:46 +0200 From: Erik Norgaard User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.2.9) Gecko/20100915 Lightning/1.0b2 Thunderbird/3.1.4 MIME-Version: 1.0 To: questions@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: Subject: IPSec/racoon key time to live X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Oct 2010 14:46:46 -0000 Hi: I'm up against configuring a number of different systems with host-host IPSec AH-only. The systems use different versions of racoon. Questions: - Must the key lifetime be the same in both ends? - Can key lifetime be configured per host-host connection? Thanks, Erik -- Erik Nørgaard Ph: +34.666334818 http://www.locolomo.org