NETGEAR UTM5-100NAS Network Hardware User Manual


 
ProSecure Unified Threat Management (UTM) Appliance Reference Manual
Virtual Private Networking Using IPsec Connections 7-57
v1.0, January 2010
4. Enter the settings as explained in Table 7-20.
5. Click Apply to save your settings.
Configuring Dead Peer Connection
The Dead Peer Detection (DPD) feature maintains the IKE SA by exchanging periodic messages
with the remote VPN peer. To configure DPD on a configured IKE policy:
1. Select VPN > IPSec VPN from the menu. The IPsec VPN submenu tabs appear with the IKE
Policies screen in view (see Figure 7-20 on page 7-24).
2. In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that
you want to edit. The Edit IKE Policy screen displays. (Figure 7-31 on page 7-56 shows only
the top part of the screen with the General section).
Table 7-20. Keepalive Settings
Item Description (or Subfield and Description)
General
Enable Keepalive Select the Yes radio button to enable the Keepalive feature. Periodically, the
UTM sends ping packets to the remote endpoint to keep the tunnel alive. You
must enter the ping IP address, detection period, and the maximum number
of times that the UTM attempts to reconnect (see below).
Ping IP Address The IP address that the UTM pings. The address must be
of a host that can respond to ICMP ping requests.
Detection period The period in seconds between the ping packets. The
default setting is 10 seconds.
Reconnect after
failure count
The number of consecutive missed responses that are
considered a tunnel connection failure. The default
setting is 3 missed responses.