OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: iislas18 on December 17, 2018, 04:21:50 pm

Title: Dead Peer detection
Post by: iislas18 on December 17, 2018, 04:21:50 pm

How does dead peer detection work for site to site VPN using IPsec? I have read some articles but the version associated with those articles are for 1.2, but I am on 18.7. Does this utilize ICMP or is it used to detect IKEv1/IKEv2 failure?

Title: Re: Dead Peer detection
Post by: mimugmail on December 17, 2018, 05:38:01 pm

Ike keepalive

Title: Re: Dead Peer detection
Post by: iislas18 on December 17, 2018, 06:49:21 pm

Thanks for the reply. So here is my scenario: I am using Opnsense here and have a site to site IPsec setup to a meraki firewall. The meraki firewall does have a 2nd WAN IP. If the active WAN IP goes and transitions to the 2nd WAN IP how does dead peer detection work? Does it detect that the active WAN IP is down due to no traffic? and does the opnsense keep trying to establish a tunnel with the previous WAN IP?