dpd-retries

crypto-ikev1/ikev2-policy commands

Sets the maximum number of times DPD keep-alive packets are sent to a peer. Once this value is exceeded, without a response from the peer, the VPN tunnel connection is declared dead. This option is available only for the IKEv1 policy.

Supported on the following devices:

Access Points: AP3000/X, AP5010, AP310i/e, AP410i/e, AP505i, AP510i, AP510e, AP560i, AP6522, AP6562, AP7161, AP7502, AP7522, AP7532, AP7562, AP7602, AP7612, AP7622, AP763, AP7662, AP8163, AP8543, AP8533.
Service Platforms: NX5500, NX7500, NX9500, NX9600
Virtual Platforms: CX9000, VX9000

Syntax

dpd-retries <1-100>

Parameters

dpd-retries <1-100>


<1-100>	Declares a peer dead after the specified number of retries. Specify a value from 1 - 100. The default is 5.

Example

nx9500-6C8809(config-profile-default-ap8533-ikev1-policy-ikev1-testpolicy)#dpd-retries 10

nx9500-6C8809(config-profile-default-ap8533-ikev1-policy-ikev1-testpolicy)#show context
 crypto ikev1 policy testpolicy
  dpd-keepalive 11
  dpd-retries 10
  isakmp-proposal default encryption aes-256 group 2 hash sha
nx9500-6C8809(config-profile-default-ap8533-ikev1-policy-ikev1-testpolicy)#