Netgear SRX5308 SRX5308 Reference Manual - Page 176
Table 5-12. Add VPN Policy Settings continued
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 176 highlights
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 5-12. Add VPN Policy Settings (continued) Item Description (or Subfield and Description) Enable Keepalive Select a radio button to specify if keepalive is enabled: • Yes. This feature is enabled. Periodically, the VPN firewall sends keepalive Note: See also requests (ping packets) to the remote endpoint to keep the tunnel alive. "Configuring Keepalives You must specify the ping IP address in the Ping IP Address field, and Dead Peer detection period in the Detection Period field, and the maximum number Detection" on page 5-55. of keepalive requests that the VPN firewall sends in the Reconnect after failure count field. • No. This feature is disabled. This is the default setting. Ping IP Address The IP address that the VPN firewall pings. The address must be of a host that can respond to ICMP ping requests. Detection Period The period in seconds between the keepalive requests. The default setting is 10 seconds. Reconnect after failure count The maximum number of keepalive requests before the VPN firewall tears down the connection and then attempts to reconnect to the remote endpoint. The default is 3 keepalive requests. Traffic Selection Local IP Remote IP From the drop-down list, select the address or addresses that are part of the VPN tunnel on the VPN firewall: • Any. All PCs and devices on the network. Note: You cannot select Any for both the VPN firewall and the remote endpoint. • Single. A single IP address on the network. Enter the IP address in the Start IP Address field. • Range. A range of IP addresses on the network. Enter the starting IP address in the Start IP Address field and the ending IP address in the End IP Address field. • Subnet. A subnet on the network. Enter the starting IP address in the Start IP Address field and the subnet mask in the Subnet Mask field. From the drop-down list, select the address or addresses that are part of the VPN tunnel on the remote endpoint. The menu choices are the same as for the Local IP drop-down list. Manual Policy Parameters Note: These fields apply only when you select Manual Policy as the policy type. When you specify the settings for the fields in this section, a security association (SA) is created. SPI-Incoming The Security Parameters Index (SPI) for the inbound policy. Enter a hexadecimal value between 3 and 8 characters (for example: 0x1234). 5-34 Virtual Private Networking Using IPsec Connections v1.0, April 2010