Change the Cookie Activation Threshold for IKEv2

Perform the following task if you want a firewall to have a threshold different from the default setting of 500 half-opened SA sessions before cookie validation is required. For more information about cookie validation, see Cookie Activation Threshold and Strict Cookie Validation.
  1. Change the Cookie Activation Threshold.
    1. Select DeviceSetupSession and edit the VPN Session Settings. For Cookie Activation Threshold, enter the maximum number of half-opened SAs that are allowed before the responder requests a cookie from the initiator (range is 0-65,535; default is 500).
    2. Click OK.
  2. Commit your changes.
    Click OK and Commit.

Related Documentation