IPsec VPN dropped after an hour of connection with Cisco 800

Question

Hello Sophos Nerds 
 
 I recently configure a XG125 with (SFOS 17.5.9 MR-9) version as a replacement of X firewall , 
 Every thing great but i have a trouble in a IPsec VPN connection with Cisco 800 Router 
 >>>>> The Connection lost ( or Dropped ) after minutes "approx 30-60" from success connection established. 
 The Configuration of XG Firewall as :

The Configuration of Cisco 800 Router as follows : 
 crypto isakmp policy 1 encr 3des hash md5 authentication pre-share group 5 crypto isakmp key zzz-psk address xxx.x.xx.xxx ! ! crypto ipsec transform-set zzz-transformset esp-3des esp-sha-hmac mode tunnel ! ! ! crypto map zzz 10 ipsec-isakmp set peer xxx.x.xx.xxx set transform-set zzz-transformset match address 110 
 
 No solutions by searching Google . 
 Can Any one give a suggestion 
 Thanks in Advance 
 
 Best Regards 
 Suliman

FormerMember · Accepted Answer

Hi Suliman, 
 Thank you for the update. Please change Dead Peer Detraction setting to hold or disconnect as you have selected re-initiate and monitor the issue. I have seen this cause issues if it is set to re-initiate connection when gateway type is respond only. 
 Thanks,

FormerMember · Answer

Hi BeEf, 
 Run following command from advance shell to put the strongswan service in debug. 
 service strongswan:debug -ds nosync 
 Use same command to take debug off. 
 Once you have time stamp of the issue, check logs around that time and you should be able to find out which side is sending delete SA packets. 
 Thanks,

FormerMember · Answer

Hi Suliman, 
 If you have Connection type as initiate connection restarting the router would reconnect the IPsec connection, but if it is respond only than tunnel would not come up unless initiator side initiates the connection. 
 Thanks,