HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 301

The supported maximum number of established IKE SAs depends on the device's memory space. Adjust the maximum number of established IKE SAs to make full use of the device's memory space without affecting other applications in the system. Examples # Set the maximum number of half-open IKE SAs to 200. system-view [Sysname] ike limit max-negotiating-sa 200 # Set the maximum number of established IKE SAs to 200. system-view [Sysname] ike limit max-sa 5000 ike nat-keepalive Use ike nat-keepalive to set the NAT keepalive interval. Use undo ike nat-keepalive to restore the default. Syntax ike nat-keepalive seconds undo ike nat-keepalive Default The NAT keepalive interval is 20 seconds. Views System view Predefined user roles network-admin Parameters seconds: Specifies the NAT keepalive interval in seconds, in the range of 5 to 300. Usage guidelines This command takes effect only for a device behind a NAT server. When the device resides behind a NAT server, the IKE gateway behind the NAT server needs to send NAT keepalive packets to its peer IKE gateway to keep the NAT session alive. For information about how to display the lifetime of NAT entries, see Layer 3-IP Services Command Reference. Examples # Set the NAT keepalive interval to 5 seconds. system-view [Sysname] ike nat-keepalive 5 ike profile Use ike profile to create an IKE profile and enter IKE profile view. Use undo ike profile to delete an IKE profile. 292