Read many posts over the past week on this with a lot of different answers. Some say use DPD, some not use.
I noticed, when DPD enabled, it is polled every 30 seconds in the VPN log.
Question
What is the optimal setting for DPD Delay, Retries, Action, and Keyingtries for a 24/7 tunnel?
One more thing to clarify. I am using Windows 10 native client and IPsec IKEv2
Thanks for looking.
No one.....
I guess these settings really are a mystery.
I just tested my VPN still running after 24 hours. My DPD settings used are as follows
45 seconds - 5 retries - Restart the tunnel - 10 Keyingtries
Any comments?
Quote from: dcol on March 14, 2023, 04:10:21 PMNo one.....
I guess these settings really are a mystery.
I just tested my VPN still running after 24 hours. My DPD settings used are as follows
45 seconds - 5 retries - Restart the tunnel - 10 Keyingtries
Any comments?
Guessing you are using legacy tunnels?
I have a lot of clients with always-on tunnels over a less-reliable ISP (Shaw/Rogers Cable). They generally use a live booking/Client information database app at a central location, and satellite office access it via the tunnel. I have long (> 7 years) set my DPD to numbers like 31s and 59 retries with "restart the tunnel" as the DPD action.
I'm actually looking to translate these into the new connections settings, and I'm pretty frustrated by the extremely low quality of documentation I've been able to find.