In L2L VPN over internet, MTU will be smaller than default 1500 bytes. Because of that SSL handshake can fail because of the Don't Fragment flag set in IPv4 header.
In this case I would either allowed and enabled ICMP Unreachable (recommended) or cle...
This sounds like a question for TAC, but what you can do is to go to expert mode and manually check /etc/ssl/server.* files.
I’m assuming that they were not replaced. In that case you can manually edit them and paste identity certificate and private,...