[x]

Configuring IKE > Configuring the IKE NAT keepalive feature

 

 Next

Configuring the IKE NAT keepalive feature

If IPsec traffic passes through a NAT device, you must configure the NAT traversal feature. If no packet travels across an IPsec tunnel in a period of time, the NAT sessions are aged and deleted, disabling the tunnel from transmitting data to the intended end. To prevent NAT sessions from being aged, configure the NAT keepalive feature on the IKE gateway behind the NAT device to send NAT keepalive packets to its peer periodically to keep the NAT session alive.

To configure the IKE NAT keepalive feature:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Set the IKE NAT keepalive interval.

ike nat-keepalive seconds

The default interval is 20 seconds.

prev

 

up

 next

Configuring the IKE keepalive feature 

home

 Configuring IKE DPD

© Copyright 2016 Hewlett Packard Enterprise Development LP