OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Dead Peer detection
« previous next »
  • Print
Pages: [1]

Author Topic: Dead Peer detection  (Read 2080 times)

iislas18

  • Newbie
  • *
  • Posts: 18
  • Karma: 0
    • View Profile
Dead Peer detection
« on: December 17, 2018, 04:21:50 pm »
How does dead peer detection work for site to site VPN using IPsec? I have read some articles but the version associated with those articles are for 1.2, but I am on 18.7. Does this utilize ICMP or is it used to detect IKEv1/IKEv2 failure?
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6288
  • Karma: 432
    • View Profile
Re: Dead Peer detection
« Reply #1 on: December 17, 2018, 05:38:01 pm »
Ike keepalive
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

iislas18

  • Newbie
  • *
  • Posts: 18
  • Karma: 0
    • View Profile
Re: Dead Peer detection
« Reply #2 on: December 17, 2018, 06:49:21 pm »
Thanks for the reply. So here is my scenario: I am using Opnsense here and have a site to site IPsec setup to a meraki firewall. The meraki firewall does have a 2nd WAN IP. If the active WAN IP goes and transitions to the 2nd WAN IP how does dead peer detection work? Does it detect that the active WAN IP is down due to no traffic? and does the opnsense keep trying to establish a tunnel with the previous WAN IP?
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • Dead Peer detection
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2