ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N

4.Enter the settings as explained in the following table:

Table 62. Keep-alive settings

Setting

Description

 

 

 

 

General

 

 

 

 

 

Enable Keepalive

Select the Yes radio button to enable the keep-alive feature. Periodically, the

 

wireless VPN firewall sends keep-alive requests (ping packets) to the remote

 

endpoint to keep the tunnel alive. You need to specify the ping IP address in the

 

Ping IP Address field, the detection period in the Detection Period field, and the

 

maximum number of keep-alive requests that the wireless VPN firewall sends in

 

the Reconnect after failure count field.

 

 

 

 

Ping IP Address

The IP address that the wireless VPN firewall pings. The

 

 

address should be of a host that can respond to ICMP ping

 

 

requests.

 

 

 

 

Detection Period

The period in seconds between the keep-alive requests. The

 

 

default setting is 10 seconds.

 

 

 

 

Reconnect after

The maximum number of keep-alive requests before the

 

failure count

wireless VPN firewall tears down the connection and then

 

 

attempts to reconnect to the remote endpoint. The default

 

 

setting is 3 keep-alive requests.

 

 

 

5.Click Apply to save your settings.

Configure Dead Peer Detection

The Dead Peer Detection (DPD) feature lets the wireless VPN firewall maintain the IKE SA by exchanging periodic messages with the remote VPN peer.

To configure DPD on a configured IKE policy:

1.Select VPN > IPSec VPN. The IPSec VPN submenu tabs display with the IKE Policies screen for IPv4 in view (see Figure 139 on page 223).

2.Specify the IP version for which you want to edit an IKE policy:

IPv4. In the upper right of the screen, the IPv4 radio button is already selected by default. Go to Step 3.

IPv6. Select the IPv6 radio button. The IKE Policies screen for IPv6 displays.

3.In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that you want to edit. The Edit IKE Policy screen displays. (The following figure shows only the IKE SA Parameters section of the screen).

Virtual Private Networking Using IPSec and L2TP Connections

261

Page 261
Image 261
NETGEAR FVS318N Configure Dead Peer Detection,  To configure DPD on a configured IKE policy, Keep-alive settings, 261