Requesting DTLS Keepalive/DPD?
David Woodhouse
dwmw2 at infradead.org
Wed Jul 28 11:07:57 EDT 2010
On Wed, 2010-07-28 at 11:03 -0400, Chaskiel Grundman wrote:
> I'm unable to reliably use DTLS through my home NAT router, and it
> seems like I ought to be able to do something about that. According to
> cisco
> (http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect20/release/notes/cvcrn200.html#wp728824)
> it seems like the client can request dpd and keepalive, as opposed to
> having the server say to use it. Do we know what headers are used to
> request that?
Try sending X-DTLS-DPD and X-DTLS-Keepalive headers with your CONNECT
request?
Alternatively, just start *sending* the DPD and Keepalive requests from
your end (try a hack which sets the time to 30 seconds even if the
server says 'disabled').
--
David Woodhouse Open Source Technology Centre
David.Woodhouse at intel.com Intel Corporation
More information about the openconnect-devel
mailing list