Netgear SRX5308 SRX5308 Reference Manual - Page 199
Configuring Dead Peer Detection, Table 5-20. Keepalive Settings
UPC - 606449065145
View all Netgear SRX5308 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 199 highlights
ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual Table 5-20. Keepalive Settings Item Description (or Subfield and Description) General Enable Keepalive Select a radio button to specify if keepalive is enabled: • Yes. This feature is enabled. Periodically, the VPN firewall sends keepalive requests (ping packets) to the remote endpoint to keep the tunnel alive. You must enter the ping IP address, detection period, and the maximum number of keepalive requests that the VPN firewall sends (see below). • No. This feature is disabled. This is the default setting. Ping IP Address The IP address that the VPN firewall pings. The address must be of a host that can respond to ICMP ping requests. Detection Period The period in seconds between the keepalive requests. The default setting is 10 seconds. Reconnect after failure count The maximum number of keepalive requests before the VPN firewall tears down the connection and then attempts to reconnect to the remote endpoint. The default is 3 keepalive requests. 5. Click Apply to save your settings. Configuring Dead Peer Detection The Dead Peer Detection (DPD) feature maintains the IKE SA by exchanging periodic messages with the remote VPN peer. To configure DPD on a configured IKE policy: 1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs display, with the IKE Policies screen in view (see Figure 5-20 on page 5-22). 2. In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that you want to edit. The Edit IKE Policy screen displays. (Figure 5-32 on page 5-58 shows only the IKE SA Parameters section of the screen). Virtual Private Networking Using IPsec Connections v1.0, April 2010 5-57