This is an issue in Nokia IP VPN gateway versions v6.3-110 and earlier. The Dead Peer Detection (DPD) feature doesn't function properly with Nokia Mobile VPN Clients and 3rd party VPN gateways.
When the feature is enabled, the two sides will send DPD packets to determine that both ends are still active. The DPD packets sent by the IP VPN gateway don't, however, fully conform to the specifications defined in the Dead Peer Detection RFC3706 and are not accepted by the Mobile VPN Client. After a while, if there's no application traffic in several minutes, the Mobile VPN Client will tear down the IKE and IPSec SA tunnels because the client hasn't received any valid DPD packets from the gateway side.
To avoid the problem, the Dead Peer Detection feature should be disabled in Nokia IP VPN gateway when the Nokia Mobile VPN Clients and 3rd party VPN gateways connect to the IP VPN gateway. By default, the feature is enabled. The Dead Peer Detection feature can be disabled via the VPN Manager in the following way:
- Go to VPN Global Properties / Policy menu
- Disable the option "Enable Dead Peer Detection"
- Apply the changes to the gateway
Imported from Nokia support database