The default lifetimes on the PIX are as follows:
ISAKMP (IKE) = 86400 seconds
IPSec (SA) = 28800 seconds
At each rekey interval, the specific key for that function of the tunnel will be rekeyed. You need
to make sure that the ISAKMP setting (including lifetime) and the ISAKMP keys match exactly between
the 2 devices. Also, you can use the following debugs to watch the connection build/fail which will give you a better idea on what account it is failing:
debug crypto ipsec
debug crypto isakmp
debug crypto engine