On Wed, 2010-07-28 at 11:03 -0400, Chaskiel Grundman wrote: > I'm unable to reliably use DTLS through my home NAT router, and it > seems like I ought to be able to do something about that. According to > cisco > (http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect20/release/notes/cvcrn200.html#wp728824) > it seems like the client can request dpd and keepalive, as opposed to > having the server say to use it. Do we know what headers are used to > request that? Try sending X-DTLS-DPD and X-DTLS-Keepalive headers with your CONNECT request? Alternatively, just start *sending* the DPD and Keepalive requests from your end (try a hack which sets the time to 30 seconds even if the server says 'disabled'). -- David Woodhouse Open Source Technology Centre David.Woodhouse at intel.com Intel Corporation
