Fix IKEv2

- Fix an issue with IKEv2 disconnecting after one hour due to IKE SA
  expiration, by setting ikelifetime and salifetime to 24h.
  Ref: #913 #844 https://libreswan.org/man/ipsec.conf.5.html

docs/ikev2-howto-zh.md

@@ -342,6 +342,8 @@ wget https://git.io/ikev2setup -O ikev2.sh && sudo bash ikev2.sh --auto
      fragmentation=yes
      ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
      phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2
+     ikelifetime=24h
+     salifetime=24h
    EOF
    ```
 

docs/ikev2-howto.md

@@ -342,6 +342,8 @@ As an alternative to using the [helper script](#using-helper-scripts), advanced
      fragmentation=yes
      ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
      phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2
+     ikelifetime=24h
+     salifetime=24h
    EOF
    ```
 

extras/ikev2setup.sh

@@ -595,7 +595,7 @@ cat > "$mc_file" <<EOF
           <key>EncryptionAlgorithm</key>
           <string>AES-256-GCM</string>
           <key>LifeTimeInMinutes</key>
-          <integer>1440</integer>
+          <integer>1410</integer>
         </dict>
         <key>DeadPeerDetectionRate</key>
         <string>Medium</string>
@@ -614,7 +614,7 @@ cat > "$mc_file" <<EOF
           <key>IntegrityAlgorithm</key>
           <string>SHA2-256</string>
           <key>LifeTimeInMinutes</key>
-          <integer>1440</integer>
+          <integer>1410</integer>
         </dict>
         <key>LocalIdentifier</key>
         <string>$client_name</string>
@@ -796,6 +796,8 @@ conn ikev2-cp
   fragmentation=yes
   ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024
   phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes128-sha2,aes256-sha2
+  ikelifetime=24h
+  salifetime=24h
   encapsulation=yes
 EOF