Nortel Networks 608(WL) Network Card User Manual


 
Chapter 6
Advanced Features
E-DOC-CTC-20051017-0169 v0.1
6.9 Peer Options
Options list
The peer options alter the behaviour of the VPN network. Options to be applied to
Peer entities are stored in named Option Lists. An Option List contains the following
options:
Local Address
When multiple IP addresses are assigned to the SpeedTouch™, this option can
force a specific address to be used as the IP source address for the messages
transmitted by the peer. This setting has priority over the routing table entries.
Valid values are: all IP addresses assigned to the SpeedTouch™, regardless of the
interface the IP address is assigned to. Normally, only the use of a black IP address
makes sense for this option, since in the general case, the red IP addresses are not
routable in the public Internet.
NAT-Traversal
Currently, the SpeedTouch™ supports the following draft RFCs related to NAT
Traversal: draft-ietf-ipsec-nat-t-ike-00, draft-ietf-ipsec-nat-t-ike-03 and
draft-ietf-ipsec-nat-t-ike-06.
By default, NAT-T is enabled, and the use of NAT-T is negotiated with the remote
peer. In case the remote peer does not support NAT-T, this option disables NAT-T in
the local SpeedTouch™.
Option                      Keyword           Description
Local Address               local addr        Address used as source address for tunnelled messages.
NAT-Traversal               NAT-T             Enables or disables NAT Traversal.
Dead Peer Detection         dpd               Enables or disables Dead Peer Detection.
DPD Idle Period             dpd_idle_period   Worry period of the Dead Peer Detection protocol.
DPD number of Transmits     dpd_xmits         Number of attempts for sending R-U-THERE messages.
DPD Timeout                 dpd_timeout       Timeout period for R-U-THERE messages.
Tunnel inactivity timeout   inactivity        IKE session timeout period.
NAT-T   Possible values      Default value
        enabled, disabled    enabled
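
The NAT-T negotiation described above can be checked from a packet capture: a peer advertises NAT-T support in IKE Vendor ID payloads, which for these drafts carry the MD5 hash of the draft name. The following is an added example, not taken from the manual or the SpeedTouch™ firmware; the function names and the sample message are constructed for illustration.

```python
import hashlib
import struct

# Drafts listed in the manual; Vendor ID body = MD5(draft name) (see lead-in).
DRAFTS = ["draft-ietf-ipsec-nat-t-ike-00",
          "draft-ietf-ipsec-nat-t-ike-03",
          "draft-ietf-ipsec-nat-t-ike-06"]
VID_TO_DRAFT = {hashlib.md5(d.encode()).digest(): d for d in DRAFTS}
VENDOR_ID = 13  # ISAKMP payload type number for Vendor ID (RFC 2408)

def vendor_ids(msg: bytes) -> list:
    """Return the bodies of all Vendor ID payloads in a cleartext ISAKMP message."""
    if len(msg) < 28:
        raise ValueError("shorter than the 28-byte ISAKMP header")
    next_payload, flags = msg[16], msg[19]
    (total,) = struct.unpack("!I", msg[24:28])
    if flags & 0x01:
        raise ValueError("encrypted message: payloads are not readable")
    if total > len(msg):
        raise ValueError("length field exceeds captured data")
    found, off = [], 28
    while next_payload != 0:
        if off + 4 > total:
            raise ValueError("truncated payload header")
        following, _reserved, plen = struct.unpack("!BBH", msg[off:off + 4])
        if plen < 4 or off + plen > total:
            raise ValueError("bad payload length")
        if next_payload == VENDOR_ID:
            found.append(msg[off + 4:off + plen])
        next_payload, off = following, off + plen
    return found

def natt_drafts_offered(msg: bytes) -> list:
    """Names of the supported NAT-T drafts the sender advertises, in packet order."""
    return [VID_TO_DRAFT[v] for v in vendor_ids(msg) if v in VID_TO_DRAFT]

def build_sample(vids: list) -> bytes:
    """Constructed test message: ISAKMP header plus Vendor ID payloads only."""
    body = b""
    for i, vid in enumerate(vids):
        nxt = VENDOR_ID if i < len(vids) - 1 else 0
        body += struct.pack("!BBH", nxt, 0, 4 + len(vid)) + vid
    first = VENDOR_ID if vids else 0
    # cookies (16 zero bytes), next payload, version 1.0, Main Mode, flags, msg id, length
    return bytes(16) + struct.pack("!BBBBII", first, 0x10, 2, 0, 0, 28 + len(body)) + body

if __name__ == "__main__":
    peer = build_sample([b"constructed-vid!", hashlib.md5(DRAFTS[1].encode()).digest()])
    print(natt_drafts_offered(peer))
```

An empty result for a peer's first IKE message means it advertised none of the three drafts, which is the case where NAT-T will not be negotiated with that peer.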