Connection timeout, Interoperability – equinux VPN Tracker 6.4.6 User Manual

Connection Timeout

The default settings are more than sufficient for most setups. Only in extreme
network environments with high packet loss or extremely high latency will
you have to increase the timeout (and/or the number of times VPN Tracker
attempts to resend a packet).

Availability: always

Interoperability

Send INITIAL-CONTACT Message

For some devices it is necessary to send this message when establishing a
VPN connection in order to tell the VPN gateway to clean up “old” VPN con-
nections. However, some devices will disconnect other VPN users upon receiv-
ing this message (in particular if multiple VPN users connect from the same
public IP address, or when users share an XAUTH account).

Availability: According to the selected device profile.

Advertise as Dead Peer Detection Capable

VPN Tracker supports Dead Peer Detection (DPD) to detect if the other end of
the connection is no longer responding. When this setting is turned on, VPN
Tracker will tell the VPN gateway that it supports Dead Peer Detection.

For most VPN gateways (whether they support Dead Peer Detection or not)
this option should be turned on. Only turn it off if you suspect that VPN
Tracker offering to perform Dead Peer Detection causes a problem on the VPN
gateway, or if the VPN gateway’s Dead Peer Detection implementation is
broken.

Related Settings: Advanced > Interoperability > Perform active Dead Peer
Detection

Availability: According to the selected device profile.

Perform active Dead Peer Detection every ... seconds, if necessary

If the VPN gateway is Dead Peer Detection capable, but does not perform
Dead Peer Detection itself, VPN Tracker can perform Dead Peer Detection.

For most VPN gateways (whether they support Dead Peer Detection or not)
this option should be turned on. Only turn it off if you suspect that VPN
Tracker performing Dead Peer Detection causes problems (such as unex-
pected disconnects).

Related Settings: Advanced > Interoperability > Advertise as Dead Peer De-
tection Capable

Availability: According to the selected device profile.

Use ... as the Application Version during Mode Config

When performing Mode Config (or EasyVPN), VPN Tracker will identify itself as
“VPN Tracker 6”. Identifying as a different client or version may be necessary to
work together with some VPN gateways.

To identify as a specific client, simply enter its name and version, e.g. “Cisco
Systems VPN Client 4.8.0:Linux”.

Related Settings: Basic > Network Configuration

Availability: Only available with a custom device profile or a Cisco device
profile when using Mode Config or EasyVPN.

Send Cisco Unity Vendor ID

This setting is necessary in order to use certain Cisco-specific extensions, such
as EasyVPN. Turn on this setting if you are connecting to a Cisco device using
a custom device profile (it is not necessary to use this setting when using one
of the Cisco device profiles shipping with VPN Tracker).

Availability: Only available using a custom device profile. The setting is not
necessary when using one of the Cisco device profiles.

57