6: Networking
EMG™ Edge Management Gateway User Guide
93
Mode Config
In remote access scenarios, it is highly desirable to be able to push
configuration information such as the private IP address, a DNS server's IP
address, and so forth, to the client. This option defines which mode is used:
pull
where the config is pulled from the peer (the default), or
push
where
the config is pushed to the peer. Push mode is not supported with IKEv2.
Force Encapsulation
In some cases, for example when ESP packets are filtered or when a
broken IPsec peer does not properly recognise NAT, it can be useful to
force RFC-3948 encapsulation.
Dead Peer Detection
Sets the delay (in seconds) between Dead Peer Detection (RFC 3706)
keepalives (R_U_THERE, R_U_THERE_ACK) that are sent for the tunnel
(default 30 seconds). Dead Peer Detection can also be disabled.
Dead Peer Detection
Timeout
Sets the length of time (in seconds) the EMG will idle without hearing either
an R_U_THERE poll from the peer, or an R_U_THERE_ACK reply. The
default is 120 seconds. After this period has elapsed with no response and
no traffic, the EMG will declare the peer dead, remove the Security
Association (SA), and perform the action defined by
Dead Peer Detection
Action
.
Dead Peer Detection Action
When a Dead Peer Detection enabled peer is declared dead, the action that
should be taken.
Hold
(the default) means the tunnel will be put into a hold
status.
Clear
means the Security Association (SA) will be cleared.
Restart
means the SA will immediately be renegotiated.
Содержание EMG 8500
Страница 1: ...Part Number PMD 00008 Revision A October 2019 EMG Edge Management Gateway User Guide EMG 8500 ...
Страница 69: ...6 Networking EMG Edge Management Gateway User Guide 69 Figure 6 2 Network Network Settings 2 of 2 ...
Страница 302: ...14 Maintenance EMG Edge Management Gateway User Guide 302 Figure 14 12 About EMG ...