XPost: microsoft.public.windows.terminal_services   
   From: mike-newsgroup@-DELETETHISPART-.upcraft.com   
      
   Vince wrote:   
   > Mike,   
   >    
   > Thanks for the reply.  All routers ahve the same settings for the   
   > Advanced IPSec Options:   
   >                             Advanced IPsec Options   
   >    
   >             SA Lifetime seconds: 28800   
   >             SA Lifetime Kbytes: 0   
   >             Perfect Forward Secrecy: Yes   
   >             Dead Peer Detection: No   
   >             Maximum Packet Size: 1500   
   >    
   > These are the defaults, I did not alter them at all during setup.   
   > Should I alter them, or toggle Dead Peer Detection and have it ping the   
   > remote router LAN IP's?   
   >    
   > (From Firmware 8.5 user guide -   
   >   Note:   
   >   · ICMP Dead Peer Detection is not available when using manual   
   > re-keying.   
   >   · ICMP Dead Peer Detection does not initiate a series of phase 2   
   > exchanges instead initiates a new phase 1 negotiation, followed by a   
   > new phase 2 negotiation   
   > has been re-established.   
   >   · If you are using Multiple Network IPsec, the IP address of the   
   > ICMP Dead Peer   
   > constrained to the set of network ranges defined for the IPsec profile.)   
   >    
      
   That should be fine.   
      
   You can change it to 0 if you like, but it won't make any difference.   
      
   I suspect that something in your configuration is not correct.   
   If you want a quick way of dumping the configuration you can go into the   
   main menu and hit CTRL+N to drop into command line mode.   
      
   type:   
   "show config cp"   
   will dump out all the connection profile settings   
   Type:   
   "show config ike"   
   will dump out all the phase 1 ike details   
      
   If you want to be more specific you can just dump a single entry by typing   
   "show config cp 2"   
   "show config ike phase1 2"   
   Will dump entry number 2 for the connection profiles and IKE settings    
   respectively.   
      
   typing CTRL+N returns you to menu mode or you can type exit to drop the    
   telnet connection or reset to restart the device.  Some other useful    
   commands are "show ip route" to show the routing table.  "ping    
   192.168.1.1" is a quick way to run a ping test.   
      
      
   --    
   WARNING!  Email address has been altered for spam resistance.   
   Please remove the -deletethispart-. section before replying directly.   
   Mike Drechsler (mike-newsgroup@-deletethispart-.upcraft.com)   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)