[x]

Keychain commands > accept-tolerance

 

 Next

accept-tolerance

Use accept-tolerance to set a tolerance time for accept keys in a keychain.

Use undo accept-tolerance to restore the default.

Syntax

accept-tolerance { value | infinite }

undo accept-tolerance

Default

No tolerance time is configured for accept keys in a keychain.

Views

Keychain view

Predefined user roles

network-admin

‌mdc-admin

Parameters

value: Specifies a tolerance time in the range of 1 to 8640000 seconds.

infinite: Specifies that the accept keys never expires.

Usage guidelines

After a tolerance time is configured, the start time and the end time configured in the accept-lifetime utc command are extended for the period of the tolerance time.

If authentication information is changed, information mismatch occurs on the local and peer devices, and the service might be interrupted. Use this command to ensure continuous packet authentication.

Examples

# Set the tolerance time to 100 seconds for accept keys in keychain abc.

<Sysname> system-view
[Sysname] keychain abc mode absolute
[Sysname-keychain-abc] accept-tolerance 100

# Configure the accept keys in keychain abc to never expire.

<Sysname> system-view
[Sysname] keychain abc mode absolute
[Sysname-keychain-abc] accept-tolerance infinite

prev

 

up

 next

accept-lifetime utc 

home

 authentication-algorithm

© Copyright 2018 Hewlett Packard Enterprise Development LP