05-13-2016 10:54 AM
When I look under Monitor -> Logs -> System, I see the following:
1. ipsec-key-delete: IPSec key deleted. Deleted SA <SA info> SPI:<hex dump>
2. ike-nego-p2-succ: IKE phase-2 negotiation is succeeded as responder, quick mode. Established SA <SA info> SPI: <hex dump>
3. ipsec-key-install: IPSec key installed. Installed SA <SA info> SPI: <hex dump>
We have several site to site tunnels on this firewall, some of them with multiple proxy id's. If I filter based on one specific proxy id, I see it going through this process frequently. Sometimes it is multiple times per minute, sometimes it goes ~5 minutes or so. The same occurs for numerous other proxy id's.
Is this something to be concerned about? It seems that I'm receiving delete messages that correspond to this behavior:
ike-recv-p2-delete: IKE protocol IPSec SA delete message received from peer. SPI: <hex dump>
