From 5d3bffe651678e9fcbf2dad90cea7e66a110ce53 Mon Sep 17 00:00:00 2001
From: mkorobeinikov <92354771+mkorobeinikov@users.noreply.github.com>
Date: Wed, 23 Feb 2022 09:13:27 +1000
Subject: Ability to set SA life bytes and packets

https://phabricator.vyos.net/T1856
https://github.com/vyos/vyos-1x/pull/1230
---
 docs/configuration/vpn/ipsec.rst | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'docs/configuration/vpn')

diff --git a/docs/configuration/vpn/ipsec.rst b/docs/configuration/vpn/ipsec.rst
index 7194057d..e079474f 100644
--- a/docs/configuration/vpn/ipsec.rst
+++ b/docs/configuration/vpn/ipsec.rst
@@ -131,6 +131,12 @@ VyOS ESP group has the next options:
  
  * ``enable`` enable IPComp compression;
  
+* ``life-bytes`` ESP life in bytes <1024-26843545600000>. 
+  Number of bytes transmitted over an IPsec SA before it expires;
+  
+* ``life-packets`` ESP life in packets <1000-26843545600000>. 
+  Number of packets transmitted over an IPsec SA before it expires;  
+  
 * ``lifetime`` ESP lifetime in seconds <30-86400> (default 3600). 
   How long a particular instance of a connection (a set of 
   encryption/authentication keys for user packets) should last, 
-- 
cgit v1.2.3