diff --git a/vpnsetup.sh b/vpnsetup.sh
index 761736d..25cc048 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -274,6 +274,8 @@ conn shared
   ikev2=never
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
+  ikelifetime=24h
+  salifetime=24h
   sha2-truncbug=no
 
 conn l2tp-psk
diff --git a/vpnsetup_amzn.sh b/vpnsetup_amzn.sh
index 9c5419a..d3c336d 100644
--- a/vpnsetup_amzn.sh
+++ b/vpnsetup_amzn.sh
@@ -224,6 +224,8 @@ conn shared
   ikev2=never
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
+  ikelifetime=24h
+  salifetime=24h
   sha2-truncbug=no
 
 conn l2tp-psk
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 290f64a..01ef177 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -255,6 +255,8 @@ conn shared
   ikev2=never
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2
+  ikelifetime=24h
+  salifetime=24h
   sha2-truncbug=no
 
 conn l2tp-psk