I am currently using a bunch of RV082's gateway to gateway, each with two Wan connections and configured for IKE failover via Dead Peer Detection (DPD). Currently all tunnels are set for both Keep-alive (KA) and DPD. Upon reading rfc 3706 it would seem that this is redundant. It appears that DPD is a more efficient replacement for KA. If so tunnels configured with both would be at best increasing overhead and at worst actually causing problems. My question: is my interpretation of rfc 3706 correct? If using DPD (as I must for IKE failover) can KA be unchecked? My worry is that Linksys has some non standard way of using one or both of these functions and killing KA would blow things up. I am trying to limit problems as these routers are in production. I guess I am just looking for someone smarter than me to give me a "yep, that sounds right" to help ease my hesitance. Thanks in advance! P.S. If we could solve this it might help people in the future. I can't find one document relating to configuring the RV082 with regards to DPD and IKE failover that explains the actual use of DPD, KA and the failover functions.