Motorola 6161252-00-01, Enterprise Series Routers Remove Filter Set Advanced IP Profile Options

6-16 Administrator’s Handbook

The defaults are 5 seconds and 90 seconds, respectively. You may adjust these to suit your network’s tolerances.

Note:

•ICMP Dead Peer Detection is not available when using manual re-keying.

•ICMP Dead Peer Detection does not initiate a series of phase 2 exchanges upon detecting a dead peer; it instead initiates a new phase 1 negotiation, followed by a new phase 2 negotiation once contact with the peer has been re-established.

•If you are using Multiple Network IPsec, the IP address of the ICMP Dead Peer Detection mechanism must be constrained to the set of network ranges defined for the IPsec profile.

Press Escape to return to the Add or Change Connection Profile screen, and select IP Profile Parameters.

If you enable IKE key management the IP Profile Parameters screen appears.

IP Profile Parameters

Enter the IP Address or hostname of the remote tunnel endpoint.

•The Remote Tunnel Endpoint field accepts either an IP address in the familiar dotted–quad notation a.b.c.d or a hostname to be resolved using the Domain Name System (DNS).

Note: When the Remote Tunnel Endpoint is an IP address, it will drop IKE packets if they are not sourced from the Remote Tunnel Endpoint IP address.

When the Remote Tunnel Endpoint is a hostname, there is no check on the source address of the packet; hostnames are used/resolved only for initiating outgoing connections.