Anybody have any real world experience on setting timeouts for IPSEC and
ISAKMP sa's?? The default is kind of large, so I was going to reduce it to
an hour or so, and then started thinking that an hour is to short.. so the
trade off is performance for security. Specifically it's with a 3005 and
about 37 remote sites, 3des. Given that the 3005 doesn't do encryption in
hardware am I going to overburden the box???
**********************************************************************
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.
This footnote also confirms that this email message has been swept for
the
presence of computer viruses.
For more information contact postmaster@xxxxxxxxxxx
phone + 353 1 4093000
fax + 353 1 4093001
**********************************************************************
