Keepalives or DPD packets are used to sense the other side of the tunnel and make sure its up/down. This allow the site to drop the SA if needed (and not wait until the idle timeout expires). The IPsec tunnels have an idle timeout for phase 1 SAs and phase 2 SAs for security reasons. Normally you don't want the tunnel to be up if not used.
Apr 06, 2018 Configure IPSec VPN Phase 1 Settings In the IKEv1 settings, you can enable Dead Peer Detection or IKE Keep-alive so that the Firebox detects when a tunnel has disconnected and automatically starts a new Phase 1 negotiation. Dead Peer Detection is an industry standard that is used by most IPSec devices. GRE Tunnel Keepalives - Cisco May 17, 2017 VPN Site to Site tunnel keeps dropping : sonicwall Feb 15, 2012
The VPN disconnects every day at 0540 (AM). I get a Syslog message on the server side LRT saying "Tunnel negotiation fail. DPD: No response from peer-declaring peer dead." 1 minute later, I get two additional messages for "ISAKMP SA establish" and "IPsec SA established". Both LRT routers show the VPN to be connected but I cannot ping between them.
GRE Tunnel Keepalives - Cisco May 17, 2017 VPN Site to Site tunnel keeps dropping : sonicwall Feb 15, 2012
Each VPN gateway in the VPN community that requires DPD monitoring must be configured with the tunnel_keepalive_method property, including any 3rd party VPN gateway. You cannot configure different monitoring mechanisms for the same gateway.
Select Enable Keep Alive to use heartbeat messages between peers on this VPN tunnel. If one end of the tunnel fails, using Keepalives will allow for the automatic. Renegotiation of the tunnel once both sides become available again without having to wait for the proposed Life Time to expire. Nerdy notes: CheckPoint VPN keepalive kills the tunnel CheckPoint VPN keepalive kills the tunnel I had the strangest experience when setting up a CheckPoint VPN device the other day. The tunnel built fine, but sometime between a few seconds and 1-2 minutes after coming up fine, it logged a "no proposal chosen" and went dead again. Keep Alive monitoring - Site24x7 Forum