A tunnel monitoring profile allows you to
verify connectivity between the VPN peers; you can configure the
tunnel interface to ping a destination IP address at a specified
interval and specify the action if the communication across the
tunnel is broken.
A default tunnel monitoring profile is available for use.
, and enter a
to take if the
destination IP address is unreachable.
waits for the tunnel to recover. It continues to use the tunnel
interface in routing decisions as if the tunnel were still active.
—forces traffic to a back-up
path if one is available. The firewall disables the tunnel interface,
and thereby disables any routes in the routing table that use the
In either case, the firewall attempts
to accelerate the recovery by negotiating new IPSec keys.
trigger the specified action.
number of heartbeats to wait before taking the specified action
(range is 2-100; default is 5).
specifies the time
(in seconds) between heartbeats (range is 2-10; default is 3).