Liveness Check
Focus
Focus
Network Security

Liveness Check

Table of Contents

Liveness Check

Where Can I Use This?
What Do I Need?
  • PAN-OS
No license required
The liveness check for IKEv2 is similar to Dead Peer Detection (DPD), which IKEv1 uses as the way to determine whether a peer is still available.
In IKEv2, the liveness check is achieved by any IKEv2 packet transmission or an empty informational message that the gateway sends to the peer at a configurable interval, 5 seconds by default. If necessary, the sender attempts the retransmission up to 10 times. If it doesn’t get a response, the sender closes and deletes the IKE_SA and corresponding CHILD_SAs. The sender will start over by sending out another IKE_SA_INIT message.

Recommended For You