для Cisco Cisco ASR 5000
Context Configuration Mode Commands I-M
▀ ikev1 keepalive dpd
▄ Command Line Interface Reference, StarOS Release 18
2528
ikev1 keepalive dpd
Configures the ISAKMP IPSec Dead Peer Detection (DPD) message parameters for IKE v1 protocol.
Product
PDSN
HA
GGSN
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration
configure > context context_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-ctx)#
Syntax
[ no ] ikev1 keepalive dpd interval interval timeout time num-retry retries
no
Deletes previously configured IPSec DPD Protocol settings.
dpd interval
interval
Specifies the time interval (in seconds) at which IPSec DPD Protocol messages are sent.
interval
is an
integer from 10 through 3600.
timeout time
Specifies the amount of time (in seconds) allowed for receiving a response from the peer security gateway
prior to re-sending the message.
prior to re-sending the message.
time
is an integer from 10 through 3600.
num-retry retries
Specifies the maximum number of times that the system should attempt to reach the peer security gateway
prior to considering it unreachable.
prior to considering it unreachable.
retries
is an integer from 1 through 100.
Usage
Use this command to configure the ISAKMP dead peer detection parameters in IKE v1 protocol.
Tunnels belonging to crypto groups are perpetually kept “up” through the use of the IPSec Dead Peer
Detection (DPD) packets exchanged with the peer security gateway.
Tunnels belonging to crypto groups are perpetually kept “up” through the use of the IPSec Dead Peer
Detection (DPD) packets exchanged with the peer security gateway.
Important:
The peer security gateway must support RFC 3706 in order for this functionality to function
properly.