Edimax Technology ER-1088 User Manual

Figure 6-3: IPSec Policy Options

Settings – IPSec Policy Options

Dead Peer Detection
Feature

• Dead Peer Detection (DPD) – If set to Enable, a device will

periodically send HELLO/ACK messages to check if the tunnel is
alive when both peers of a VPN tunnel provide DPD mechanism.
Once a dead peer is detected, a device will end the connection so it
can be re-established. This is the primary method of VPN failover or
backup.

• Detection – If set to Enable, this will enable the following Check

Method which you have selected to work:

• Check Method:

1. Heartbeat

–

Sends a unidirectional (‘HELLO’ only) message to

determine connection aliveness.

2. ICMP Host

–

It uses ICMP packets to determine connection

aliveness

3. DPD (RFC 3706) – Uses a bi-directional (‘HELLO/ACK’) message

to determine connection aliveness.

• Check After Idle – Indicates the time period in which no traffic

Page 59