Configure Keep-Alives And Dead Peer Detection; Configure Keep-Alives - NETGEAR UTM5 Reference Manual

Prosecure unified threat management appliance

Hide thumbs Also See for UTM5:

Table of Contents

Configure Keep-Alives and Dead Peer Detection

In some cases, you might not want a VPN tunnel to be disconnected when traffic is idle, for

example, when client-server applications over the tunnel cannot tolerate the tunnel

establishment time. If you require a VPN tunnel to remain connected, you can use the

keep-alive and Dead Peer Detection (DPD) features to prevent the tunnel from being

disconnected and to force a reconnection if the tunnel disconnects for any reason.

For DPD to function, the peer VPN device on the other end of the tunnel also needs to

support DPD. Keep-alive, though less reliable than DPD, does not require any support from

the peer device.

The keep-alive feature maintains the IPSec SA by sending periodic ping requests to a host

across the tunnel and monitoring the replies.

To configure the keep-alive feature on a configured VPN policy:

Select VPN > IPSec VPN > VPN Policies. The VPN Policies screen displays (see

on page 283).

In the List of VPN Policies table, click the Edit table button to the right of the VPN policy that

you want to edit. The Edit VPN Policy screen displays. (The following figure shows only the

top part of a UTM50 screen with the General section).

ProSecure Unified Threat Management (UTM) Appliance

Virtual Private Networking Using IPSec Connections

Utm9s Utm10 Utm150 Utm25 Utm50