Support Center > Search Results > SecureKnowledge Details
IKE Phase 1 is re-negotiated every 2 hours on Edge devices
Symptoms
  • IKE Phase 1 is re-negotiated every 2 hours on Edge devices
Cause

When DAIP Edge negotiates Phase 1 with the VPN Gateway, we are getting its proposal to work with community timeout, but afterward, in packet #6 we send notification that timeout should be changed to RA properties.
You can see the following inside 6th packet of IKE Phase 1:

Notify Payload
Next Payload: NONE
Reserved: 0
Length: 00 28 (40)
DOI: 00 00 00 01 (1)
ProtID: 1
SPI Size: 16
Notify Type: 24576 (RESPONDER-LIFETIME)


Solution
Note: To view this solution you need to Sign In .