Hello all,<br><br>In a normal ipsec connection, what should be the values of ikelifetime (phase-1) and keylife (phase-2).<br>Particularly whether ikelifetime > keylife, or ikelifetime < keylife ?<br><br>As per `man ipsec.conf`, default values for Phase -1 keylife is 1 hour and Phase -2 keylife is 8 Hours.<br>
Are they represent the recommended one?<br><br>Regards,<br>-hiren<br>