On Thu, 30 Aug 2012 14:42:11 +0000 "OBrien, Will" <obri...@missouri.edu> wrote:
> We've had issues with vpn monitor tearing down tunnels too often with > 10. code on SRXs. I'm currently trying out dead peer detection at the > ike level. I haven't found a good document that describes what dead > peer detection does - I know it send R-U-THERE etc, but I don't know > what it does when that fails. It'll removes the SA and tries to reinitiate the tunnel if it's configured that way. I only use DPD since years and it works quite reliable. -- Burkhard Ott System Administrator Revenuewire Inc. 1205 - 4464 Markham Street Victoria, BC V8Z 7X8 250-984-1132 _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
