Table of Contents
Advertisement
4. Enter the settings as explained in
Table 7-20. Keepalive Settings
Item
General
Enable Keepalive
5. Click Apply to save your settings.
Configuring Dead Peer Connection
The Dead Peer Detection (DPD) feature maintains the IKE SA by exchanging periodic messages
with the remote VPN peer. To configure DPD on a configured IKE policy:
1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE
Policies screen in view (see
2. In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that
you want to edit. The Edit IKE Policy screen displays.
the top part of the screen with the General section).
Virtual Private Networking Using IPsec Connections
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Table
Description (or Subfield and Description)
Select the Yes radio button to enable the Keepalive feature. Periodically, the
UTM sends ping packets to the remote endpoint to keep the tunnel alive. You
must enter the ping IP address, detection period, and the maximum number
of times that the UTM attempts to reconnect (see below).
Ping IP Address
Detection period
Reconnect after
failure count
Figure 7-20 on page
v1.0, January 2010
7-20.
The IP address that the UTM pings. The address must be
of a host that can respond to ICMP ping requests.
The period in seconds between the ping packets. The
default setting is 10 seconds.
The number of consecutive missed responses that are
considered a tunnel connection failure. The default
setting is 3 missed responses.
7-24).
(Figure 7-31 on page 7-56
shows only
7-57
Advertisement
Table of Contents
Troubleshooting
