Tunnel went down all of a sudden and now we can't get the thing to come back up. We've rebuilt several times, swapped out PSKs, just about everything we can think of. Hoping maybe someone has some insight.
Here are debugs on the FPR side (responder)
Message #488 : IKEv2-PROTO-7: (258): SM Trace-> SA: I_SPI=C13A16583F7D4ED8 R_SPI=B609EEBD3422C056 (R) MsgID = 00000001 CurState: R_VERIFY_AUTH Event: EV_SVC_TMO
Message #489 : IKEv2-PROTO-7: (258): Action: Action_Null
Message #490 : IKEv2-PROTO-7: (258): SM Trace-> SA: I_SPI=C13A16583F7D4ED8 R_SPI=B609EEBD3422C056 (R) MsgID = 00000001 CurState: R_VERIFY_AUTH Event: EV_AUTH_FAIL
Message #491 : IKEv2-PROTO-4: (258): Verification of peer's authentication data FAILED
Message #492 : IKEv2-PROTO-4: (258): Sending authentication failure notify
Message #493 : IKEv2-PROTO-4: (258): Building packet for encryption.
Message #494 : (258):
Payload contents:
Message #495 : (258): NOTIFY(AUTHENTICATION_FAILED)Message #496 : (258): Next payload: NONE, reserved: 0x0, length: 8
Message #497 : (258): Security protocol id: IKE, spi size: 0, type: AUTHENTICATION_FAILED
Message #498 : IKEv2-PROTO-7: (258): SM Trace-> SA: I_SPI=C13A16583F7D4ED8 R_SPI=B609EEBD3422C056 (R) MsgID = 00000001 CurState: R_VERIFY_AUTH Event: EV_ENCRYPT_MSG
to note, logs show PSK and cryptomap proxy match and pass successfully.