ProSafe Gigabit Quad WAN SSL VPN Firewall SRX5308 Reference Manual
5-58 Virtual Private Networking Using IPsec Connections
v1.0, April 2010
3. In the IKE SA Parameters section of the screen, locate the DPD fields, and complete the fields
as explained Table 5-21.
4. Click Apply to save your settings.
Figure 5-32
Table 5-21. Dead Peer Detection Settings
Item Description (or Subfield and Description)
IKE SA Parameters
Enable Dead Peer
Detection
Select the Yes radio button to enable DPD. When the VPN firewall detects
an IKE connection failure, it deletes the IPsec and IKE SA and forces a
reestablishment of the connection. You must specify the detection period in
the Detection Period field and the maximum number of times that the VPN
firewall attempts to reconnect in the Reconnect after failure count field.
Detection Period The period in seconds between consecutive
“DPD R-U-THERE” messages, which are sent only when
the IPsec traffic is idle. The default setting is 10 seconds.
Reconnect after
failure count
The maximum number of DPD failures before the VPN
firewall tears down the connection and then attempts to
reconnect to the peer. The default is 3 failures.
To Next Page
Loading...
