IPSec VPN site-to-site does not reconnect after reboot

I think this is happening automatically from the rebooted / updated client. Or do you mean a reboot of the "server" side?
Can't remember that I had to restart this. Hovever I sometimes see issues that the "inside" tunnel / SA is not coming up or loosing some connections.

Well, XGS in my case is client, as it is initiating connection. Found in logs a lot of:

received IKE message with invalid SPI (32B7866C) from other side

Weird...
I lookup into config and my surprise, IPSec Policy was set almost every parameter wrong. SHA1 instead of AES in both phases, then DH2 instead of DH21 and so on. I have no idea where wrong parameters came from...

So, I set them as they should be and it looks not up and running without problems. Funny technology... :) 

Well, XGS in my case is client, as it is initiating connection. Found in logs a lot of:

received IKE message with invalid SPI (32B7866C) from other side

Weird...
I lookup into config and my surprise, IPSec Policy was set almost every parameter wrong. SHA1 instead of AES in both phases, then DH2 instead of DH21 and so on. I have no idea where wrong parameters came from...

So, I set them as they should be and it looks not up and running without problems. Funny technology... :) 

Hi Andrej Pirman 

Please try and  check the issue with the below setting and verify tunnel is coming up automatically or not : 

At Headoffice Firewall set Gateway type as Response only  and apply IKEv2 Policy : 

At Branch Office Firewall set  Gateway type as initiate the connection and apply IKEv2 Policy :  

Thanks and Regards

Hi Bharat J, thank you, but looks like entering correct IKE Phase 1 and 2 parameters did the trick. I don't know ho those got changed, but as soon as I changed them to match the other side, VPN went UP and is running smooth.