A virtual private network is a network that uses a public telecommunication infrastructure such as the Internet to create a secure virtual connection between two or more entities for communication. This is accomplished through the use of a “tunnel” between the two or more entities. A VPN may utilize various protocols to establish the tunnel and to secure communications between the sender and recipient. For example, one protocol is Internet Protocol Security (IPsec). In this protocol, each IP packet of a data stream is authenticated and encrypted and the protocol is used to protect data flows on the virtual private network.
Various events can cause a tunnel to become inactive and thus a VPN tunnel state needs to be checked periodically during an idle time. A handheld or mobile device utilizes a special VPN liveness check mechanism called dead peer detection (DPD). A DPD-based liveness check is performed by the VPN components on the client and the server. Such DPD activity is described in the Internet Engineering Task Force (IETF) request for comments (RFC) 3706, the contents of which are incorporated herein by reference. The document describes a method for detecting a dead Internet Key Exchange (IKE) peer. DPD utilizes IPsec traffic patterns to minimize the number of IKE messages that are needed to confirm liveness. The VPN client in a handheld initiates or requests a VPN liveness check when the VPN tunnel is in an idle state.
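The DPD behavior described above, sketched as an added example that is not part of the original text: inbound IPsec traffic counts as proof of liveness, so an R-U-THERE probe is sent only when the tunnel has been idle and there is traffic to send. The `DpdMonitor` class, the 30-second idle threshold, the retry limit of 3 and the starting sequence number are assumptions for illustration; RFC 3706 leaves the timing values to the implementation.

```python
# Added illustration of RFC 3706 dead peer detection; not code from the source text.
R_U_THERE, R_U_THERE_ACK = 36136, 36137  # ISAKMP notify types defined by RFC 3706
IDLE_SECS = 30    # assumed: inbound silence after which liveness is in doubt
MAX_RETRIES = 3   # assumed: unanswered probes tolerated before the peer is dead


class DpdMonitor:
    """Hypothetical helper: decides when an IKE liveness probe is actually needed."""

    def __init__(self, first_seq=1000):
        self.last_inbound = 0.0  # time of the last proof of liveness
        self.seq = first_seq     # constructed starting sequence number
        self.pending = None      # sequence number of the outstanding R-U-THERE
        self.unanswered = 0
        self.dead = False
        self.sent = []           # (time, type, seq) of every IKE message sent

    def _alive(self, now):
        self.last_inbound, self.pending, self.unanswered = now, None, 0

    def on_ipsec_inbound(self, now):
        # Authenticated inbound IPsec traffic is itself proof of liveness.
        self._alive(now)

    def on_notify(self, now, msg_type, seq):
        # An ACK counts only if it echoes the outstanding sequence number.
        if (msg_type == R_U_THERE_ACK and self.pending is not None
                and seq == self.pending):
            self._alive(now)
            return True
        return False

    def before_send(self, now):
        """Call when outbound traffic is queued; returns 'send', 'probe' or 'dead'."""
        if self.dead:
            return "dead"
        if now - self.last_inbound < IDLE_SECS:
            return "send"        # tunnel recently active: no IKE message needed
        if self.unanswered >= MAX_RETRIES:
            self.dead = True     # caller should tear down the IKE and IPsec SAs
            return "dead"
        self.seq += 1
        self.pending = self.seq
        self.unanswered += 1
        self.sent.append((now, R_U_THERE, self.seq))
        return "probe"           # hold the traffic until the ACK arrives
```

Retries here are driven by each call to `before_send`; a deployed client would normally drive them from a retransmit timer instead.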
However, in some cases, VPN clients or servers do not support a DPD-based liveness check. In other cases, a client or server may disable the DPD liveness check feature. In these situations, there may be no way to check that the VPN tunnel is still alive during an idle time. The VPN tunnel being down creates a situation where there is no service to the device, leading to delays in communication.