We have IPSec configured between Cisco ASA and Checkpoint NGX , the tunnel comes down once in a day and re-establishes after 2 hrs, we are facing this issue on a daily basis.
The SAs for phase1 and phase2 for ASA are 86400 secs and 3600 secs respectively .
Any suggestions would be of great help.
First of all, I made a mistake. In NGx R60
and higher, checkpoint has changed the location
of the user.def from $FWDIR/lib to $FWDIR/conf
directory. The new name of this file is
user.def.NGX_R60. Go figure.
These files are on the Checkpoint firewall,
not the ASA. The file is an ASCII file and
that you can read it with vi, cat or more.