W2008 - IPsec - Quick Mode SA timeout
Hi, Wonder if anyone can help on this. I am securing traffic between W2008 R1 SP2 Servers (print server role) and HP MFPs utilizing the HP Jetdirect 635n card. Connections establish fine, in both directions, either initiated by the Windows Server or by the MFP itself. However, if no activity occurs between W2008 and the MFPs, after about 5 mins, the Quick Mode SA is dropped. This is despite both sides of the connection having a Quick Mode SA Lifetime of 60 mins. I believe in W2003, there was a SAIdleTime registry key, which could be used to increase the timeout value. This doesn't seem to work on W2008. Is there any way of increasing the SA Idle Time on W2008? Regards AB
June 24th, 2010 6:48pm

Hi, As far as I know, SAIdleTime still works on Windows Server 2008. But we must set the same settings on both sides of IPsec. Make sure the Quick Mode SA Timeout setting on the HP Jetdirect 635n is the same as on your Server 2008. Thanks.
June 28th, 2010 12:39pm

Hi, Thanks for responding. I will try it again. The Quick Mode SA settings on W2008 are: 60mins/100000KB. The Quick Mode SA settings on the Jetdirect are: 3600secs/0KB. According to the JD v3.8 Firmware manual, "Set to 0 (zero) to disable". Not sure what that means. Whether it means QM SA Lifetime is disabled, or whether it just doesn't check the Kilobyte size. Any ideas? Thanks Alan
July 2nd, 2010 11:54am
