Anyone able to tell me if the tunnel is flapping by looking at these tunnel messages from our FAZ? I can do some debugging too, just thought it was weird about the constant negotiations/installs of the SA.
The best way you will find to really know if a Phase1 and a Phase2 are up or not it's via SNMP Polling.
VPN activity logs are not so useful in my opinion; you will find better information via CLI command like "diagnose vpn tunnel list" and so on but these ones give you a "pics" of the status in that specific moment.
