End-of-Life (EoL)

Define a Tunnel Monitoring Profile

A tunnel monitoring profile allows you to verify connectivity between the VPN peers; you can configure the tunnel interface to ping a destination IP address at a specified interval and specify the action if the communication across the tunnel is broken.
  1. Select
    Network Profiles
    . A default tunnel monitoring profile is available for use.
  2. Click
    , and enter a
    for the profile.
  3. Select the
    if the destination IP address is unreachable.
    • Wait Recover
      —the firewall waits for the tunnel to recover. It continues to use the tunnel interface in routing decisions as if the tunnel were still active.
    • Fail Over
      —forces traffic to a back-up path if one is available. The firewall disables the tunnel interface, and thereby disables any routes in the routing table that use the interface.
    In either case, the firewall attempts to accelerate the recovery by negotiating new IPSec keys.
  4. Specify the
    to trigger the specified action.
    The threshold specifies the number of heartbeats to wait before taking the specified action. The range is 2-100 and the default is 5.
    The Interval measures the time between heartbeats. The range is 2-10 and the default is 3 seconds.
  5. Attach the monitoring profile to the IPsec Tunnel configuration. See 8

Recommended For You