Table of Contents
Advertisement
Chapter 18
Internet Key Exchange
Table 18-1
Add or Edit IKE Profile Fields
Element
Group Policy Lookup
Authorization Policy
User Authentication Policy
Dead Peer Discovery
OL-4015-12
Description
Specify an authorization policy that controls access to group policy
information on the
AAA
default—Choose default if you want to grant access to group
•
policy lookup information.
Policyname—To specify a policy, choose an existing policy in
•
the list.
Add—Click Add to create a policy in the displayed dialog.
•
Check User Authentication Policy if you want to allow
logins, or if you want to specify a user authentication policy to use
for XAuth logins. Choose one of the following options:
default—Choose default if you want to allow XAuth logins.
•
Policyname—If policies have been configured on the router,
•
they are displayed in this list and you can select a policy to use.
Click Add to create a policy in the displayed dialog and use it in this
IKE policy.
Click Dead Peer Discovery to enable the router to send dead peer
detection (DPD) messages to Easy VPN Remote clients. If a client
does not respond to DPD messages, the connection with it is
dropped.
Keepalive Interval—Specify the number of seconds between
•
DPD messages in the Keepalive Interval field. The range is
from 10 to 3600 seconds.
•
Retry Interval—Specify the number of seconds between retries
if DPD messages fail in the Retry Interval field. The range is
from 2 to 60 seconds.
Dead peer discovery helps manage connections without
administrator intervention, but it generates additional packets that
both peers must process in order to maintain the connection.
Cisco Router and Security Device Manager 2.5 User's Guide
Internet Key Exchange (IKE)
server.
XAuth
18-11
Advertisement
Table of Contents
Troubleshooting
