This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
raquinog
Participant
‎2020-08-25 04:30 PM
Jump to solution

What value does DPD have on timeout?

I have a S2S VPN with AWS, where I did the setting of the DPD value as indicated by their AWS best practices. (by default in R80.xx version it is enabled)

The AWS administrator indicates that it has configured the value "DPD Timeout (seconds) with value 30".

The AWS administrator ask me that on the Checkpoint side, which value has the same parameter "DPD Timeout" configured. However, I have already been looking for this value and I cannot find where the value is specified.

Does anyone know what DPD Timeout value does the Checkpoint use?

additional disconnections continue to occur in the VPN with AWS.
If from my side I generate traffic the VPN the tunnel is UP, however, if AWS tries to generate traffic it is not able to establish the VPN tunnel again.

0 Kudos
1 Solution

Accepted Solutions
Timothy_Hall
MVP Gold
MVP Gold
‎2020-08-28 06:03 AM
Jump to solution

I think DPD reuses the "life sign" timers located here in the SmartConsole:

DPD_Timers.jpg

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course

View solution in original post

3 Replies
PhoneBoy
Admin
Admin
‎2020-08-27 05:36 PM
Jump to solution

I'll be honest, I've never seen a timeout setting related to DPD.
Did you happen to configure a "permanent tunnel" which may be what you want here?
See Scenario 5 here: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos
_Val_
Admin
Admin
‎2020-08-28 12:25 AM
Jump to solution

AWS cannot initiate the tunnel, it has to be always open from CP side. Look into sk108600, specifically Scenario 5, for resolution steps. Timeout value does not matter, you just need to configure keep-alive properly, as the case specifies.

0 Kudos
Timothy_Hall
MVP Gold
MVP Gold
‎2020-08-28 06:03 AM
Jump to solution

I think DPD reuses the "life sign" timers located here in the SmartConsole:

DPD_Timers.jpg

Gaia 4.18 (R82) Immersion Tips, Tricks, & Best Practices Video Course
Now Available at https://shadowpeak.com/gaia4-18-immersion-course

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events