Ticket #4791 (new enhancement)
Add Dead Peer Detection options to IPSec
|Reported by:||rdavies@…||Owned by:||jamor@…|
|Milestone:||nice to have someday||Component:||ipsec|
|Severity:||normal||Keywords:||ipsec dpd dead peer detection enhancement|
IPSec when it loses communication with the other end will not restablish the connection without human intervention.
Adding DPD (Dead Pear Detection) options to the IPSec module would overcome this.
For example, i have a postsetconf script to add these options to my connections:
dpddelay=30 dpdtimeout=120 dpdaction=restart
Would be really helpful if these options were configurable per connection on the GUI rather than resorting to a script to do this.