Chapter16 VPN Global Settings
VPN Global Settings
16-4
Cisco Router and Security Device Manager 2.5 User’s Guide
OL-4015-12

XAuth Timeout

The number of seconds the router is to wait for a response from a system requiring
XAuth authentication.

Enable Dead Peer Detection (DPD)

Dead Peer Detection (DPD) enables a router to detect a dead peer and, if detected,
delete the IPSec and IKE security associations with that peer.
The Enable Dead Peer Detection checkbox is disabled when the Cisco IOS image
that the router is using does not support DPD.
Keepalive
Specify the number of seconds that the router should maintain a connection when
it is not being used.
Retry
Specify the number of seconds that the router should wait between attempts to
establish an IKE connection with a peer. The default value is ‘2’ seconds.
DPD Type
Select On Demand or Periodic.
If set to On Demand, DPD messages are sent on the basis of traffic patterns. For
example, if a router has to send outbound traffic and the liveliness of the peer is
questionable, the router sends a DPD message to query the status of the peer. If a
router has no traffic to send, it never sends a DPD message.
If set to Periodic, the router sends DPD messages at the interval specified by the
IKE Keepalive value.
VPN Global Settings: IPSec
Edit global IPSec settings in this window.