klako 0 Posted ... Hello I have a massive Problem. I can't set the reneg-sec value above 3600 (default). This causes periodic disconnect (every hour) on my Linux server for all clients and upstream Servers. What is your suggestion/solution? Processor is a BCM7405, so there are entropy limitations. Quote Share this post Link to post
Staff 10019 Posted ... Hello! It is not possible to go over 3600 seconds because our servers WANT to re-negotiate TLS keys at least every hour. This is intentional because we wish to provide Perfect Forward Secrecy. We wouldn't be worried about entropy limitations for re-keying with your Broadcom processor, why are you? Are we missing something? Kind regards Quote Share this post Link to post