Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DPD (Dead Peer Detection) under ISAKMP Profile

Hi All,

1) DPD can either be configured globally thus,

crypto isakmp keepalive 10 periodic

- this gives you a choice of On-demand (the default) or periodic (as in above example)

or under an ISAKMP Profile, eg.

crypto isakmp profile Fred-profile
   keyring FRED-KEYS
   match identity address <IP addr> 255.255.255.255 fred-vrf
   keepalive 10 retry 2

- this CLI Help does not give choice of on-demand or periodic

Does this mean DPD under ISAKMP profile can only do on-demand (not periodic) ? The debug output tends to suggest this.

2) Does the keepalive time need to be the same on both peers (I think not but would appreciate input).

Regards, MH

1210
Views
0
Helpful
0
Replies