ProSafe Gigabit 8 Port VPN Firewall FVS318G Reference Manual
4.In the General section of the Edit VPN Policy screen, locate the keepalive configuration settings.
Figure
5.Click the Yes radio button to enable keepalive.
6.In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be the address of a host that can respond to ICMP ping requests.
7.Enter the Detection Period to set the time between ICMP ping requests. The default is 10 seconds.
8.In Reconnect after failure count, set the number of consecutive missed responses that will be considered a tunnel connection failure. The default is 3 missed responses. When the VPN firewall senses a tunnel connection failure, it forces a reestablishment of the tunnel.
9.Click Apply at the bottom of the screen.
Configuring Dead Peer Detection
The Dead Peer Detection feature maintains the IKE SA by exchanging periodic messages with the remote VPN peer. To configure Dead Peer Detection on a configured IKE policy, follow these steps:
1.Select VPN from the main menu and Policies from the submenu. The Policies submenu tabs appear with the IKE Policies screen in view (see Figure
2.In the List of IKE Policies table, click the edit button to the right of the IKE policy that you want to edit. The Edit IKE Policy screen displays.
Virtual Private Networking |
