- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Using DPD on Dialup IPSec VPN Connections
Looking for the effects of enabling DPD on IPSec tunnels using Dialup connections.
We have a remote site with 2 ISP connections and our main site which also has 2 ISP connections. From each site, we have 2x tunnels connected on each ISP for a total of 4x tunnels.
We ran into an issue where one of the ISPs went down, but traffic was not redirected over either of the remaining 2 tunnels.
I want to enable DPD on these tunnels which is pretty straight forward, but I cannot find any information regarding the effects enabling DPD may have on a dialup connection and being a remote site, I don't want to inadvertently bring the site down.
Any input or advice would be greatly appreciated!
Solved! Go to Solution.
- Labels:
-
IPsec
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dialup/agressive/dynamic or static IPsec affects how IKE peering gets established.
DPD exchange (ISAKMP R-U-THERE/R-U-THERE-ACK messages) on the other hand starts happening between two peers AFTER the IKE peering has established. Therefore the method to establish IKE peering wouldn't affect to how DPD exchange would work, or vice versa.
Toshi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dialup/agressive/dynamic or static IPsec affects how IKE peering gets established.
DPD exchange (ISAKMP R-U-THERE/R-U-THERE-ACK messages) on the other hand starts happening between two peers AFTER the IKE peering has established. Therefore the method to establish IKE peering wouldn't affect to how DPD exchange would work, or vice versa.
Toshi
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you!
That is what I was assuming, but assumptions can sometimes get the best of us.
