Table of Contents
Advertisement
ProSecure Unified Threat Management UTM10 or UTM25 Reference Manual
4. Enter the settings as explained in
Table 7-20. Keepalive Settings
Item
General
Enable Keepalive
5. Click Apply to save your settings.
Configuring Dead Peer Connection
The Dead Peer Detection (DPD) feature maintains the IKE SA by exchanging periodic messages
with the remote VPN peer. To configure DPD on a configured IKE policy:
1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE
Policies screen in view (see
2. In the List of IKE Policies table, click the edit table button to the right of the IKE policy that
you want to edit. The Edit IKE Policy screen displays.
the top part of the screen with the General section).
7-56
Table
7-20.
Description (or Subfield and Description)
Select the Yes radio button to enable the Keepalive feature. Periodically, the
UTM sends ping packets to the remote endpoint to keep the tunnel alive. You
must enter the ping IP address, detection period, and the maximum number
of times that the UTM attempts to reconnect (see below).
Ping IP Address
The IP address that the UTM pings. The address must be
of a host that can respond to ICMP ping requests.
Detection period
The period in seconds between the ping packets. The
default setting is 10 seconds.
Reconnect after
The number of consecutive missed responses that are
failure count
considered a tunnel connection failure. The default
setting is 3 missed responses.
Figure 7-20 on page
Virtual Private Networking Using IPsec Connections
v1.0, September 2009
7-23).
(Figure 7-31 on page 7-55
shows only
Advertisement
Table of Contents
Troubleshooting
