Support User Manuals

NETGEAR UTM5EW-100NAS Router User Manual

Open as PDF

of 704

Virtual Private Networking Using IPSec, PPTP, or L2TP Connections

305

ProSecure Unified Threat Management (UTM) Appliance

Enable Keepalive

Note: See also

Configure Keep-Alives

and Dead Peer

Detection on page 328.

Select a radio button to specify if keep-alive is enabled:

• Yes. This feature is enabled: Periodically, the UTM sends keep-alive

requests (ping packets) to the remote endpoint to keep the tunnel alive. You

need to specify the ping IP address in the Ping IP Address field, the

detection period in the Detection Period field, and the maximum number of

keep-alive requests that the UTM sends in the Reconnect after failure count

field.

• No. This feature is disabled. This is the default setting.

Ping IP Address The IP address that the UTM pings. The address needs to

be of a host that can respond to ICMP ping requests.

Detection Period The period in seconds between the keep-alive requests. The

default setting is 10 seconds.

Reconnect after

failure count

The maximum number of keep-alive requests before the

UTM tears down the connection and then attempts to

reconnect to the remote endpoint. The default setting is

3 keep-alive requests.

Traffic Selection

Local IP From the drop-down list, select the address or addresses that are part of the

VPN tunnel on the UTM:

• Any. All computers and devices on the network.

• Single. A single IP address on the network. Enter the IP address in the Start

IP Address field.

• Range. A range of IP addresses on the network. Enter the starting IP

address in the Start IP Address field and the ending IP address in the End

IP Address field.

• Subnet. A subnet on the network. Enter the starting IP address in the Start

IP Address field and the subnet mask in the Subnet Mask field.

Note: You cannot select Any for both the UTM and the remote endpoint.

Remote IP From the drop-down list, select the address or addresses that are part of the

VPN tunnel on the remote endpoint. The selections are the same as for the

Local IP drop-down list.

Manual Policy Parameters

Note: These fields apply only when you select Manual Policy as the policy type. When you specify the

settings for the fields in this section, a security association (SA) is created.

SPI-Incoming The Security Parameters Index (SPI) for the inbound policy. Enter a

hexadecimal value between 3 and 8 characters (for example, 0x1234).

Table 74. Add New VPN Policy screen settings (continued)

Setting Description

previous next