The IPsec tunnel of the Firewall/VPN connection to the Web Security Service (WSS) data center either won't pass traffic or is going down and then not being reestablished (may stay connected for a time, but it keeps disconnecting).
There are many potential causes for an IPsec tunnel to go down which may not be directly related to WSS. Common causes of IPsec tunnel disconnect include, but are not limited to:
Follow these steps to better optimize your environment for a seamless experience with WSS.
For further information on IPsec tunnel requirements, see Connectivity: VPN Pre-Shared Key with Static IP.
NOTE: These steps are necessary for a typical environment to be optimized for a seamless experience with WSS, but they do not encompass the needs of every environment.
To address further issues, see the links to articles below: