best config for Windows2003

Hi,
 I have a setup with a linux server connecting to a Windows
2003
server using IPsec in PSK host-to-host transport mode. Only
linux sent
files to windows server. The linux server is using Openswan
2.4.6 on
kernel 2.6.18. Windows side uses default configuration for
IKE SA and
IPSEC SA lifetime. What values should I set for IKELIFETIME
and
KEYLIFE and does linux should have set: rekey=yes or
rekey=no?
What should I set: auto=add or auto=start if linux server
sent 300MB
files every 12-20 hours.

R.S.
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan: 
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155

On Fri, 13 Apr 2007, Remigiusz Stachura wrote:

>  I have a setup with a linux server connecting to a
Windows 2003
> server using IPsec in PSK host-to-host transport mode.
Only linux sent
> files to windows server. The linux server is using
Openswan 2.4.6 on
> kernel 2.6.18. Windows side uses default configuration
for IKE SA and
> IPSEC SA lifetime. What values should I set for
IKELIFETIME and
> KEYLIFE

Stick with the defaults.

> and does linux should have set: rekey=yes or rekey=no?

You only should use rekey=no if the other end is a dynamic
ip (eg right=%any)

> What should I set: auto=add or auto=start if linux
server sent 300MB
> files every 12-20 hours.

Only use auto=add if you the other end is a dynamic ip (eg
right=%any).

Paul
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan: 
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155