Request
Frequency allows you to adjust the delay between these DPD packets. (Default: 15 seconds. Range: 2 – 30 seconds.)
Maximum
Requests: Specify how many requests to send at the selected time interval before the tunnel is considered dead. (Default: 5. Range:
2 – 10.)
Failback
Retry
Period: If you have VPN tunnel failover/failback enabled (see below), set the time period between each check on the primary
network after failover. (Default: 10 seconds. Range: 5 – 60 seconds.)
Failover
Tunnel and Failback
Tunnel: Use these settings to create two tunnels – one as the primary tunnel and one as the backup tunnel. To
configure tunnel failover/failback, complete the following steps:
1. Create two tunnels: one for primary and one for backup. Make sure that both tunnels have the same Remote
Network and that both have
Dead
Peer
Detection enabled.
2. Choose one to be the primary tunnel. Open the editor for this tunnel and make sure Tunnel
Enabled is selected. Then go to the Dead
Peer
Detection page. Under Failover
Tunnel select the other tunnel you have created.
3. Open the editor for the failover tunnel. Make sure Tunnel
Enabled is not selected. On the Dead
Peer
Detection page, set the Failback
Tunnel to your primary tunnel.
Global
VPN Settings
These settings apply to all configured VPN tunnels.
Enable
Certificate
Support: Enabling Certificate Support will allow you to load a certificate for VPN to the router. Click the "Upload Certificate"
button to browse for a certificate on a local device. Disabling certificate support will no longer use any previously loaded certificate but will not
delete it from the router. Only one certificate at a time is supported.
IKE /
ISAKMP Port: Internet Key Exchange / Internet Security Association and Key Management Protocol port. (Default: 500. This is a standard
VPN port that usually does not need to be changed.)
IKE /
ISAKMP NAT-T Port: Internet Key Exchange / Internet Security Association and Key Management Protocol network address translation
traversal port. (Default: 4500. This is a standard VPN NAT-T port that usually does not need to be changed.)
NAT-T KeepAlive
Interval: Number of seconds between sending NAT-T packets to keep the tunnel alive if no other traffic is being sent. (Default:
20 seconds. Range: 0-3600 seconds. 20 seconds will be sufficient in almost all cases.)
Tunnel
Connect
Retry: Number of seconds between connection attempts. (Default: 30 seconds. Range: 10-255 seconds. 30 seconds will be
sufficient in almost all cases.)
Figure 143: Global VPN Settings
114