We had an incident where we have site to site VPNs coming into the Palo.  The connection dropped and they would not come backup, even after dropping the VPN on both devices.  The end result was a reboot of the firewall and it came back up.  What I saw in the logs is pasted below.  Customer support just said "As we can see from the Ike manager logs the firewall is receiving the first packet for IKE negotiation which accepts and sends the response but its not getting the reply."  Both sides could ping each other.    Ideas? ************ ====> PHASE-1 NEGOTIATION FAILED AS RESPONDER, MAIN MODE <==== ====> Failed SA: [500] cookie:b54ae8b7fae36f5b:a2a373bfed2ef054 <==== Due to timeout. 2020-03-05 04:23:39.000 -0600 [INFO]: { 4: }: ====> PHASE-1 SA DELETED <==== ====> Deleted SA: [500] cookie:b54ae8b7fae36f5b:a2a373bfed2ef054 <==== 2020-03-05 04:23:42.974 -0600 [PNTF]: { 4: }: ====> PHASE-1 NEGOTIATION STARTED AS RESPONDER, MAIN MODE <==== ====> Initiated SA: 4[500] cookie:1589d0bc1ca8cedd:b61975bbe41105ad <==== 2020-03-05 04:23:42.975 -0600 [INFO]: { 4: }: received Vendor ID: RFC 3947 2020-03-05 04:23:42.975 -0600 [INFO]: { 4: }: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03 2020-03-05 04:23:42.975 -0600 [INFO]: { 4: }: received Vendor ID: draft-ietf-ipsec-nat-t-ike-02 2020-03-05 04:23:42.975 -0600 [INFO]: { 4: }: received Vendor ID: draft-ietf-ipsec-nat-t-ike-00 2020-03-05 04:23:42.975 -0600 [INFO]: { 4: }: Selected NAT-T version: RFC 3947 2020-03-05 04:23:50.974 -0600 [INFO]: the packet is retransmitted from [500].   ... View more