D-Link DFL-1660 User Manual page 462

9.4.6. IPsec Advanced Settings
Chapter 9. VPN
of the tunnel has not responded to DPD-R-U-THERE messages for DPD Expire Time x 10 seconds
and there is no other evidence of life. When the SA is placed in the dead cache, NetDefendOS will
not try to re-negotiate the tunnel. If traffic that is associated with the SA that is in the dead cache is
received, the SA will be removed from the dead cache. DPD will not trigger if the SA is already
cached as dead.
This setting is used with IKEv1 only.
Default: 2 (in other words, 2 x 10 = 20 seconds)
DPD Expire Time
The length of time in seconds for which DPD messages will be sent to the peer. If the peer has not
responded to messages during this time it is considered to be dead.
In other words, this is the length of time in seconds for which DPD-R-U-THERE messages will be
sent. If the other side of the tunnel has not sent a response to any messages then it is considered to
be dead (not reachable). The SA will then be placed in the dead cache.
This setting is used with IKEv1 only.
Default: 15 seconds
462