The IPsec tunnel of the Firewall/VPN connection to the Web Security Service (WSS) data center either won't pass traffic or is going down and then not being re-established (may stay connected for a time, but it keeps disconnecting).
There are many potential causes for an IPsec tunnel to go down which may not be directly related to WSS. Common causes of IPsec tunnel disconnects include, but are not limited to:
Follow these steps to better optimize your environment for a seamless experience with WSS.
* Remember, Cloud SWG supports up to 1 GBps of bandwidth per IPsec tunnel. Exceeding this limitation may result in performance issues. If you are unsure about how to split traffic between multiple public IPs exiting your network, contact Broadcom support for assistance.
For further information on IPsec tunnel requirements, see Connectivity: VPN Pre-Shared Key with Static IP.
NOTE: These steps are necessary for a typical environment to be optimized for a seamless experience with WSS, but they do not encompass the needs of every environment.
To address further issues, see the links to articles below: