Requesting DTLS Keepalive/DPD?

Chaskiel Grundman cgrundman at gmail.com
Wed Jul 28 11:03:07 EDT 2010


I'm unable to reliably use DTLS through my home NAT router, and it
seems like I ought to be able to do something about that. According to
Cisco (http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect20/release/notes/cvcrn200.html#wp728824)
it seems like the client can request DPD and keepalive, as opposed to
having the server say to use it. Do we know what headers are used to
request that? Alternatively, does anyone know how to configure the
server (an ASA with 8.2(2)16) to tell the client to use
keepalive/DPD? I may be able to get the people who own my VPN server
to turn that on.

Thanks.

X-CSTP-Version: 1
X-CSTP-Address: ...
X-CSTP-Netmask: ...
X-CSTP-DNS: ...
X-CSTP-NBNS: ....
X-CSTP-Lease-Duration: 1209600
X-CSTP-Session-Timeout: none
X-CSTP-Idle-Timeout: 86400
X-CSTP-Disconnected-Timeout: 86400
X-CSTP-Default-Domain: ....
X-CSTP-Split-Include: ...
X-CSTP-Keep: true
X-CSTP-DPD: disabled
X-CSTP-Smartcard-Removal-Disconnect: true
X-CSTP-Content-Encoding: deflate
X-DTLS-Session-ID:...
X-DTLS-Port: 443
X-DTLS-DPD: disabled
X-CSTP-MTU: 1406
X-DTLS-CipherSuite: DES-CBC3-SHA
X-CSTP-Routing-Filtering-Ignore: false
CSTP connected. DPD 0, Keepalive 0


