Ike Local-Name - HP HSR6600 Command Reference Manual

Hide thumbs Also See for HSR6600:
Table of Contents

Advertisement

Views
System view
Default command level
2: System level
Parameters
dpd-name: Name for the DPD detector, a string of 1 to 32 characters.
Usage guidelines
DPD irregularly detects dead IKE peers. It works as follows:
1.
When the local end sends an IPsec packet, it checks the time the last IPsec packet was received
from the peer.
2.
If the time interval exceeds the DPD interval, it sends a DPD hello to the peer.
3.
If the local end receives no DPD acknowledgement within the DPD packet retransmission interval,
it retransmits the DPD hello.
4.
If the local end still receives no DPD acknowledgement after having made the maximum number of
retransmission attempts (two by default), it considers the peer already dead, and clears the IKE SA
and the IPsec SAs based on the IKE SA.
DPD enables an IKE entity to check the liveliness of its peer only when necessary. It generates less traffic
than the keepalive mechanism, which exchanges messages periodically.
Examples
# Create a DPD detector named dpd2.
<Sysname> system-view
[Sysname] ike dpd dpd2
Related commands
display ike dpd
interval-time
time-out

ike local-name

Use ike local-name to configure a name for the local security gateway.
Use undo ike local-name to restore the default.
Syntax
ike local-name name
undo ike local-name
Default
The device name is used as the name of the local security gateway.
Views
System view
Default command level
2: System level
338

Advertisement

Table of Contents
loading

This manual is also suitable for:

Hp 6600

Table of Contents