Ipv6 – equinux VPN Tracker 8.1.1 User Manual

Perform active Dead Peer Detection every ... seconds, if necessary

If the VPN gateway is Dead Peer Detection capable, but does not perform
Dead Peer Detection itself, VPN Tracker can perform Dead Peer Detection.

For most VPN gateways (whether they support Dead Peer Detection or not)
this option should be turned on. Only turn it off if you suspect that VPN
Tracker performing Dead Peer Detection causes problems (such as unex-
pected disconnects because the VPN gateway is not responding but the VPN
is working anyway).

Related Settings: Advanced > Interoperability > Advertise as Dead Peer De-
tection Capable

Availability: According to the selected device profile.

Use ... as the Application Version during Mode Config

When performing Mode Config (or EasyVPN), VPN Tracker will identify itself as
“VPN Tracker 8”. Identifying as a different client or version may be necessary to
work with some VPN gateways.

To identify as a specific client, simply enter its name and version, e.g. “Cisco
Systems VPN Client 4.8.0:Linux”.

Related Settings: Basic > Network Configuration

Availability: Available with a custom device profile or a Cisco device profile
when using Mode Config or EasyVPN.

Send Cisco Unity Vendor ID

This setting is necessary in order to use certain Cisco-specific extensions, such
as EasyVPN. Turn on this setting if you are connecting to a Cisco device using
a custom device profile (it is not necessary to use this setting when using one
of the Cisco device profiles shipping with VPN Tracker).

Availability: Only available using a custom device profile. The setting is
automatically used in all Cisco device profiles.

Send Cisco Firewall Attribute during Mode Config

When checked, VPN Tracker will send a special attribute indicating the pres-
ence of a firewall. This may help to successfully connect to some Cisco de-
vices.

Related Settings: Basic > Network Configuration

Availability: Only available with custom device profiles or Cisco device pro-
files when using EasyVPN (or Mode Config with the “Send Cisco Unity Ven-
dor ID” option turned on).

Establish a Shared Tunnel to 0.0.0.0/0 for Split-Tunneling

When checked, VPN Tracker will establish a single tunnel (Security Association,
SA) to 0.0.0.0/0 and set suitable routes to achieve split-tunneling. This can no-
ticeably speed up connecting to a Cisco VPN gateway with multiple remote
networks using EasyVPN and resolve issues with idle timeouts for those con-
nections.

This setting should be turned on when connecting to Cisco devices using
Cisco EasyVPN.

Related Settings: Basic > Network Configuration
Advanced > Phase 2 > Establish a separate phase 2 tunnel for each remote
network

Availability: Available when EasyVPN is used and “Establish a separate
phase 2 tunnel for each remote network” is turned off.

IPv6

Prefer IPv6 VPN gateway address, if available

You will not normally need to change this setting. If your VPN gateway is
reachable through IPv6 and its host name resolves to an IPv4 address as well
as to an IPv6 address, VPN Tracker will use the IPv6 address if this setting is
turned on.

Related Settings: Basic > VPN Gateway

55