Main Site
The ipsec tunnel betwen mail and recovery is down
but icmp / get route / udp connections port 500/4500 is fine
Main Site
Role Primary
Status Active
Enterprise VIP x.x.x..21
IPSec StatusTunnel Main-RecoveryDown
Tunnel Main-Witness Up
NodeStatusUp
Enterprise IP x.x.x.20
Cluster IP x.x.x4

Recovery Site

Role Secondary
Status Standby
Enterprise VIP x.y.x19
IPSec StatusTunnel Recovery-Main Down
Tunnel Recovery-Witness Up
NodeStatusUp
Enterprise IP x.y.x.18
Cluster IP x.y.x.2
have tac raised but they still not resolvoed. any one has expericned this situation