Quick Reference Guide

ProSafe Wireless-N VPN Firewall SRXN3205 Reference Manual
Virtual Private Networking Using IPsec 6-39
v1.0, January 2010
Configuring Dead Peer Detection
The Dead Peer Detection feature maintains the IKE SA by exchanging periodic messages with the
remote VPN peer. To configure Dead Peer Detection on a configured IKE policy, follow these
steps:
1. Select VPN > Policies from the main/submenu.
2. Click the IKE Policies tab, then click the edit button next to the desired VPN policy.
3. In the IKE SA Parameters section of the Edit IKE Policy screen, locate the Dead Peer
Detection configuration settings, as shown in Figure 6-22.
4. Click the Yes radio button to Enable Dead Peer Detection.
5. Enter the Detection Period to set the interval between consecutive DPD R-U-THERE
messages. DPD R-U-THERE messages are sent only when the IPSec traffic is idle. The
default is 10 seconds.
6. In Reconnect after failure count, set the number of DPD failures allowed before tearing
down the connection. The default is 3 failures. When the VPN firewall senses an IKE
connection failure, it deletes the IPSec and IKE Security Association and forces a
reestablishment of the connection.
7. Click Apply at the bottom of the screen.
Figure 6-22
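The timing that the Detection Period and Reconnect after failure count settings produce together is shown below. This is an added example, not taken from the manual or the firewall's firmware. It is a simplified model that assumes one-second ticks, that an unanswered R-U-THERE counts as a failure at the moment it is sent, and that teardown happens on the failure that reaches the configured count. The function name and event labels are hypothetical.

```python
def simulate_dpd(inbound_traffic, peer_dies_at, run_until,
                 detection_period=10, failure_count=3):
    """Model DPD on one tunnel; defaults are the manual's (10 s, 3 failures).

    inbound_traffic: seconds at which the peer would send IPsec traffic
                     (constructed sample input).
    peer_dies_at:    second from which the peer stops answering.
    Returns (events, teardown_time); teardown_time is None if the SA survives.
    """
    traffic = set(inbound_traffic)
    timer_start = 0   # last traffic seen or last probe sent
    failures = 0
    events = []
    for t in range(1, run_until + 1):
        alive = t < peer_dies_at
        if alive and t in traffic:
            # Traffic proves liveness: tunnel is not idle, so no probe is sent.
            timer_start, failures = t, 0
            continue
        if t - timer_start < detection_period:
            continue
        timer_start = t  # idle for a full period: send R-U-THERE
        if alive:
            failures = 0
            events.append((t, "R-U-THERE", "ACK"))
            continue
        failures += 1
        events.append((t, "R-U-THERE", "no reply"))
        if failures >= failure_count:
            # Assumed teardown point: delete IPsec and IKE SA, then renegotiate.
            events.append((t, "teardown", "delete SAs and reconnect"))
            return events, t
    return events, None


if __name__ == "__main__":
    # Constructed scenario: traffic every 5 s until t=40, peer fails at t=42.
    events, torn_down = simulate_dpd(range(5, 45, 5), peer_dies_at=42, run_until=120)
    for event in events:
        print(event)
    print("peer failed at 42 s, tunnel torn down at", torn_down, "s")
```

In this model a failed peer is detected within Detection Period × failure count seconds of the last proof of liveness, so lowering either value shortens the window in which traffic is sent into a dead tunnel, at the cost of more teardowns on a lossy link.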