Do Huawei Cloud VPNs Have the DPD Mechanism Enabled?
Yes.
Huawei Cloud VPNs have the DPD mechanism enabled by default to detect the IKE process status in the on-premises data center.
After three consecutive detection failures, Huawei Cloud considers that the IKE process in the on-premises data center is abnormal. In this case, Huawei Cloud deletes the local tunnel to ensure tunnel synchronization between the two ends.
The DPD protocol does not require that the peer end be configured synchronously, but requires that the peer end can respond to DPD detections. To ensure that the tunnel status of the two ends is consistent and avoid that one end has a tunnel and the other not, it is recommended that you enable the DPD mechanism on your on-premises gateway to detect the IKE process status of the VPN service on Huawei Cloud.
After DPD fails, the tunnel will be deleted without affecting service stability.
DPD can detect exceptions in the IKE process at the peer end in time and reset the tunnel to ensure tunnel synchronization between the two ends. After a tunnel is deleted, if there is traffic transmitted over the tunnel, the tunnel can be re-established through negotiation.
VPN Negotiation and Interconnection FAQs
- What Devices Can Be Connected to Huawei Cloud Through a VPN?
- What Are VPN Negotiation Parameters? What Are Their Default Values?
- Will an IPsec VPN Connection Be Established Automatically?
- How Do I Configure a VPN on an On-premises Device? (Configuring the VPN on a Huawei USG6600 Series Firewall)
- How Should I Configure an On-premises Gateway When I Use a VPN to Connect to the Cloud?
- Can Huawei Cloud VPN Connect to a Remote Gateway Through a Domain Name?
- How Many Tunnels Does My VPN Connection Have?
- How Do I Allow Specific Servers to Access a VPC Subnet Through a Created VPN Connection?
- Do Huawei Cloud VPNs Have the DPD Mechanism Enabled?
- How Can I Use Security Groups to Prevent ECSs in a VPC From Being Accessed Through a VPN to Implement Security Isolation?
- Will a VPN Connection Be Reestablished After Its Configuration Is Modified?
- Why Cannot I Initiate Negotiation from Amazon Web Services to Huawei Cloud After They Are Interconnected?
- How Do I Configure DPD for Interconnecting with Huawei Cloud?
- What Should I Do If My Firewall Cannot Receive Response Packets from the Huawei Cloud VPN Gateway in the IKE Phase?
- What Should I Do If My Firewall Cannot Receive Response Packets from the Huawei Cloud VPN Subnet?
- What Are the Bits of the DH Groups Used by Huawei Cloud VPN?
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbotmore