Configuring Dead Peer Detection - NETGEAR FVX538v2 - ProSafe VPN Firewall Dual WAN Reference Manual

5. In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be the
address of a host that can respond to ICMP ping requests.
6. Enter the Detection Period to set the time between ICMP ping requests. The default is 10
seconds.
7. In Reconnect after failure count, set the number of consecutive missed responses that will be
considered a tunnel connection failure. The default is 3 missed responses. When the VPN
firewall senses a tunnel connection failure, it forces a reestablishment of the tunnel.
8. Click Apply at the bottom of the screen.

Configuring Dead Peer Detection

The Dead Peer Detection feature maintains the IKE SA by exchanging periodic messages with the
remote VPN peer. To configure Dead Peer Detection on a configured IKE policy, follow these
steps:
1. Select VPN from the main menu and Policies from the submenu.
2. Click the IKE Policies tab, then click the edit button next to the desired VPN policy.
3. In the IKE SA Parameters section of the Edit IKE Policy screen, locate the Dead Peer
Detection configuration settings.
Figure 5-40
4. Click the Yes radio button to Enable Dead Peer Detection.
5. Enter the Detection Period to set the interval between consecutive DPD R-U-THERE
messages. DPD R-U-THERE messages are sent only when the IPSec traffic is idle. The
default is 10 seconds.
Virtual Private Networking
ProSafe VPN Firewall 200 FVX538 Reference Manual
v1.0, January 2010
5-43