Article Id 258270
Description This article describes why the IPsec tunnel between FortiGate and iOS/iPadOS devices is terminated when the iOS/iPadOS device screen is locked.
Scope FortiOS, iOS, iPadOS.

It is expected behavior that the IPsec tunnel between FortiGate and an iOS/iPadOS device (native iOS/iPadOS IPsec client) is terminated shortly after the iOS/iPadOS device screen is locked. A few seconds after the screen is locked, the iOS/iPadOS device sends a request to FortiGate to terminate the IPsec tunnel, as the IKE debug output shows:


diagnose debug application ike -1
diagnose debug enable

ike 0: recv IPsec SA delete, spi count 1
ike 0: deleting IPsec SA with SPI


macOS devices will not terminate the tunnel after the screen is locked.