Configuring Dead Peer Detection - NETGEAR DGFV338 ProSafe Reference Manual

DGFV338 ProSafe Wireless ADSL Modem VPN Firewall Router Reference Manual
3. In the General menu frame of the Edit VPN Policy menu, locate the keepalive configuration
settings, as shown in
Figure 5-29
4. Click the Yes radio button to Enable Keepalive.
5. In the Ping IP Address boxes, enter an IP address on the remote LAN. This must be the
address of a host that can respond to ICMP ping requests.
6. Enter the Detection Period to set the time between ICMP ping requests. The default is 10
seconds.
7. In Reconnect after failure count, set the number of consecutive missed responses that will be
considered a tunnel connection failure. The default is 3 missed responses. When the
DGFV338 senses a tunnel connection failure, it forces a reestablishment of the tunnel.
8. Click Apply at the bottom of the menu.

Configuring Dead Peer Detection

The Dead Peer Detection feature maintains the IKE SA by exchanging periodic messages with the
remote VPN peer, which must also support Dead Peer Detection. To configure Dead Peer
Detection on a configured IKE policy, follow these steps:
1. Select VPN from the main menu and Policies from the submenu.
2. Click the IKE Policies tab, then click the edit button next to the desired VPN policy.
Virtual Private Networking
Figure 5-29:
v1.0, May 2008
5-41