re-authentication interval

Function

The re-authentication interval command sets the IKEv2 re-authentication interval.

The undo re-authentication interval command cancels the configuration.

By default, the device does not perform IKEv2 re-authentication.

Format

re-authentication interval interval

undo re-authentication interval

Parameters

Parameter	Description	Value
interval	Specifies the IKEv2 re-authentication interval. When about 70% of the time interval has elapsed, the device initiates IKEv2 re-authentication.	The value is an integer that ranges from 60 to 604800, in seconds.

Parameter

Description

Value

interval

Specifies the IKEv2 re-authentication interval.

When about 70% of the time interval has elapsed, the device initiates IKEv2 re-authentication.

The value is an integer that ranges from 60 to 604800, in seconds.

Views

Efficient VPN policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

In the remote access scenario, third-party attacks may occur during communications of peers. To improve IPSec network security, you can run this command to enable the peers to periodically re-authenticate each other.

Precautions

Only IKEv2 supports re-authentication.

Example

# Set the re-authentication interval to 400 seconds in the IPSec Efficient VPN policy.

<HUAWEI> system-view
[HUAWEI] ipsec efficient-vpn evpn mode client
[HUAWEI-ipsec-efficient-vpn-evpn] re-authentication interval 400