Hi Manju, > * IKEv1 rekey happens every 300s, new IKE SAs are created and no IPsec > SAs are created. Should the system not recover on next IKEv1 rekey?
No, IKE rekeying does not affect CHILD_SAs. > * IPsec rekey timer is probably not of any use since IPsec SAs are not > present. Yep. You could use trap policies to (re-)create CHILD_SAs automatically if they get closed for some reason. Regards, Tobias
