Maximum Roaming Time - Nortel Contivity 1100 Configuration Manual

Vpn router basic features

Hide thumbs Also See for Contivity 1100:

Connecting manual (6 pages)

Install manual (218 pages)

Installing (158 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

page of 178

/ 178
Contents
Table of Contents
Bookmarks

Table of Contents

154 Chapter 8 Configuring IPSec mobility and persistent mode

Maximum roaming time

Maximum roaming time is the time used by the Nortel VPN Client to keep the

tunnel from going down after the IP address on the physical interface (on which

tunnel was brought up) has been lost.

For example, if you move from area 1 (AP1) to area 2 (AP2) and the IP address on

the interface is lost, it could take some time to establish contact with AP2 in area

2. Maximum roaming time allows you to tune this time such that the client can

keep the connection up for 2 hours and then if necessary, the same session can be

re-vitalized at another location.

You must use some caution and tune the idle timeout and the client failover tuning

(legacy client keepalives) timers appropriately for this to work. For example, idle

timeout may start during roaming time and as a result the Nortel VPN Router will

logoff the session. When the client obtains a new IP address and sends an Address

Change Notification, it will not be recognized by the Nortel VPN Router as the

session has already been logged off. A similar situation may arise with the client

failover tuning timers.

If a rekey is initiated by the Nortel VPN Router during the roaming time, it may

not be able to reach the client (for example, it is out of area) and the rekey may

fail. When the rekey fails, the Nortel VPN Router will bring down the session and

roaming will not succeed even after the client obtains a new IP address. This

occurs because the Nortel VPN Router has no knowledge about the client going

through roaming time at rekey.

The forced logoff timer is independent of roaming time. The Nortel VPN Router

is expected to logoff the session whether or not roaming is in progress.

NAT keepalive timers have no impact on roaming timeout because the Nortel

VPN Router updates the UDP port numbers based on an encrypted Address

Change Notification message.

Once the Nortel VPN Client obtains a new IP address, it retransmits the Address

Change Notification message four times at 8 second intervals until an

acknowledgement is received from the Nortel VPN Router. If no

acknowledgement is received, the client disconnects.

Session persistence time has no direct impact on roaming time.

NN46110-500

Table of Contents

Show Quick Links

Hide quick links:

Table of Contents

This manual is also suitable for:

Contivity 1010 Contivity 1050

Maximum Roaming Time - Nortel Contivity 1100 Configuration Manual

Maximum roaming time

Hide quick links:

Related Manuals for Nortel Contivity 1100

Related Content for Nortel Contivity 1100

This manual is also suitable for:

Table of Contents