We have built an IPSEC tunnel between a CheckPoint firewall and a Cisco 3725 router. Every 5 minutes a server inside the firewall sends a "keepalive" packet to a server inside the router. The server logs a socket error indicating that the IPSEC socket has gone down. The server then goes through the effort to tear down his end of the tunnel,
re-exchange keys and bring up the socket.