Netgear FVS318N Benutzerhandbuch
Virtual Private Networking Using IPSec and L2TP Connections
261
ProSafe Wireless-N 8-Port Gigabit VPN Firewall FVS318N
4.
Enter the settings as explained in the following table:
5.
Click Apply to save your settings.
Configure Dead Peer Detection
The Dead Peer Detection (DPD) feature lets the wireless VPN firewall maintain the IKE SA
by exchanging periodic messages with the remote VPN peer.
by exchanging periodic messages with the remote VPN peer.
To configure DPD on a configured IKE policy:
1.
Select VPN > IPSec VPN. The IPSec VPN submenu tabs display with the IKE Policies
screen for IPv4 in view (see
screen for IPv4 in view (see
2.
Specify the IP version for which you want to edit an IKE policy:
•
IPv4. In the upper right of the screen, the IPv4 radio button is already selected by
default. Go to
default. Go to
.
•
IPv6. Select the IPv6 radio button. The IKE Policies screen for IPv6 displays.
3.
In the List of IKE Policies table, click the Edit table button to the right of the IKE policy that
you want to edit. The Edit IKE Policy screen displays. (The following figure shows only the
IKE SA Parameters section of the screen).
you want to edit. The Edit IKE Policy screen displays. (The following figure shows only the
IKE SA Parameters section of the screen).
Table 62. Keep-alive settings
Setting
Description
General
Enable Keepalive
Select the Yes radio button to enable the keep-alive feature. Periodically, the
wireless VPN firewall sends keep-alive requests (ping packets) to the remote
endpoint to keep the tunnel alive. You need to specify the ping IP address in the
Ping IP Address field, the detection period in the Detection Period field, and the
maximum number of keep-alive requests that the wireless VPN firewall sends in
the Reconnect after failure count field.
wireless VPN firewall sends keep-alive requests (ping packets) to the remote
endpoint to keep the tunnel alive. You need to specify the ping IP address in the
Ping IP Address field, the detection period in the Detection Period field, and the
maximum number of keep-alive requests that the wireless VPN firewall sends in
the Reconnect after failure count field.
Ping IP Address
The IP address that the wireless VPN firewall pings. The
address should be of a host that can respond to ICMP ping
requests.
address should be of a host that can respond to ICMP ping
requests.
Detection Period
The period in seconds between the keep-alive requests. The
default setting is 10 seconds.
default setting is 10 seconds.
Reconnect after
failure count
failure count
The maximum number of keep-alive requests before the
wireless VPN firewall tears down the connection and then
attempts to reconnect to the remote endpoint. The default
setting is 3 keep-alive requests.
wireless VPN firewall tears down the connection and then
attempts to reconnect to the remote endpoint. The default
setting is 3 keep-alive requests.