Hard IKE_SA lifetime if rekey/reauth does not complete, as time. To avoid having an IKE/ISAKMP kept alive if IKE reauthentication or rekeying fails perpetually, a maximum hard lifetime may be specified. If the IKE_SA fails to rekey or reauthenticate within the specified time, the IKE_SA gets closed.In contrast to CHILD_SA rekeying, over_time is relative in time to the rekey_time and reauth_time values, as it applies to both.The default is 10% of the longer of <a href="/nixpkgs/option/services.strongswan-swanctl.swanctl.connections.&lt;name&gt;.rekey_time"><a href="/nixpkgs/option/rekey_time" rel="nofollow">rekey_time</a></a> and <a href="/nixpkgs/option/services.strongswan-swanctl.swanctl.connections.&lt;name&gt;.reauth_time"><a href="/nixpkgs/option/reauth_time" rel="nofollow">reauth_time</a></a>.

services.strongswan-swanctl.swanctl.connections.<name>.over_time

Hard IKE_SA lifetime if rekey/reauth does not complete, as time