Controller Based WLANs

What VPN types support DPD (Dead Peer Detection) in Aruba?

Aruba Employee
Q:

What VPN types support DPD (Dead Peer Detection) in Aruba? 

Does Remote AP support DPD? 



A:

•    DPD is an IPSec traffic-based method that uses IKE to quickly and efficiently determine the liveliness of the remote VPN peer/switch. It does not recommend  periodic keepalives, but a method of sending liveliness requests only if the peer is idle and if the switch needs to send IPSec traffic to that peer. This drastically reduces the number of messages sent by IKE.  


•    DPD is currently supported only for Site-Site VPNs. The Aruba switch will initiate DPD exchanges for Site-Site VPNs only. It will not do so for client remote-access VPNs. This is because clients initiate the VPN towards the switch, and the switch does not initiate IKE to clients. 


•    DPD is also supported for Master - Local VPN.  


•    DPD is not supported for Remote-AP L2TP/IPSec VPN, because it already uses L2TP to detect the liveliness of the tunnel.  

Version history
Revision #:
2 of 2
Last update:
‎02-27-2017 03:14 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.