This scenario tests <b>repeated authentication</b> according to RFC 4478.
-The initiator <b>carol</b> sets a large <b>ikelifetime=20m</b> but the responder
-<b>moon</b> defining a much shorter <b>ikelifetime=30s</b> proposes this
-value via an AUTH_LIFETIME notification to the initiator. Thus the
+The initiator <b>carol</b> sets a large <b>reauth_time=60m</b> but the responder
+<b>moon</b> defining a much shorter <b>reauth_time=30s</b> proposes this
+value via an AUTH_LIFETIME notification to the initiator. Thus the
IKE reauthentication takes places after less than 30s. A ping from
<b>carol</b> to client <b>alice</b> hiding in the subnet behind <b>moon</b>
-tests if the CHILD_SA has been inherited by the new IKE_SA.
+tests if the CHILD_SA has been recreated under the new IKE_SA.