The unexplainable "Tunnel has been torn down" logs coincide with bouts of user complaints. There's no indication that the tunnel is actually going down or being rekey'd. And before migrating from 6.3 to 7.2 life was good (and since we rolled back to 6.3 because of this problem life has been good too - can't stay at 6 forever though).
TAC's telling me not to use PAT towards the IPSec tunnel suggesting a nat-0 or static instead, which isn't really an option I'm afraid.
Re: 302014: Teardown TCP connection - Tunnel has been torn down
I've got exactly the same issue at a customer of mine, it seems to hit vpns between pix 7.x releases (tried several, including 7.22) and at least 1812 ios 12.4.(9)T2.
It seems that during ipsec rekeying pix closes all connections with outside addresses linked to that tunnel.
The funny thing is that I've shortened the rekeyng time in order to speed up the tests, at 600 seconds and 3600 seconds (the default) the issue shows up almost on each rekey, at 120 seconds (the minimum) the issue seems to disappear!!!
With another 1812 or an asa (7.22 release) at the other end in place of the pix the issue seems to disappear also.
Tried also to create a new vpn from the same pix and a second 1812 with 12.4.(9)T11 release and the issue doesn't shows up, but that's another environment.
Now I'm shipping a new 1812 with the latest release at the customer site and see what happens.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...