I have a vpn setup between a Cisco ASA 5505 and a CP NGX R65. The CP firewall is the remote side. The primary problem is that when a phase 1 rekey occurs it will often fail. Sometimes after a few hours it will come up on its own. At other times I clear the phase 1 and 2 sa's and the tunnel comes up. We have verified the phase 1 and 2 parameters and both sides match exactly. We have removed the crypto map and reapplied it as well. I've attached the sanitized running config. I would appreciate any help. Thanks for your time.