FortiGate
epinheiro
Staff
Article Id 383488
Description: IPsec tunnels are down and missing from the IPsec monitor after changing the IKE TCP port 4500
Scope: FortiGate, IPsec, FortiOS v7.4.2 through v7.4.7
Solution

Whenever the IKE TCP port is changed, all tunnels over UDP and TCP are flushed automatically, whether on v7.4.2+ or on v7.6.x.


After changing the IKE TCP port from 4500 to any other port on FortiOS 7.4.2 through 7.4.7, all tunnels go down under VPN > IPsec Tunnels, are missing from Dashboard > Network > IPsec Monitor, and do not come back up on their own.


Specifically, after changing from IKE TCP port 4500 to any other port, the IKE process must be restarted so that the tunnels come back up:


diag vpn ike restart


This issue does not reoccur the next time the IKE TCP port is changed from any port other than TCP 4500 to any other port.


Examples:


  1. Changing from IKE TCP 4500 to IKE TCP 4501: the issue occurs, and diag vpn ike restart must then be run on the CLI.
  2. Changing from IKE TCP 4501 to IKE TCP 4502: the issue does not reoccur, because the change is not from IKE TCP 4500 to another TCP port.


Note: Starting from v7.6.x, this issue is not present.
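For anyone automating IKE port changes from a change-management script, the rule above (affected builds 7.4.2 through 7.4.7, and only when the old port is 4500) can be encoded as a pre-flight check. The helper below is an added example written for this article, not Fortinet code; it assumes the version string looks like the one printed by get system status (for example "v7.4.5,build2702,240821 (GA.F)"), which is an assumption about the format, not something this article states.

```python
import re
from typing import Optional, Tuple

# FortiOS releases in which, per the article, tunnels stay down after the
# IKE TCP port is moved away from 4500 (inclusive range).
AFFECTED_MIN = (7, 4, 2)
AFFECTED_MAX = (7, 4, 7)
DEFAULT_IKE_TCP_PORT = 4500


def parse_fortios_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract (major, minor, patch) from a FortiOS version string.

    Accepts a bare 'v7.4.5' as well as the longer form assumed to come from
    'get system status', e.g. 'v7.4.5,build2702,240821 (GA.F)'.
    Returns None when no x.y.z version is present.
    """
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def ike_restart_required(version: str, old_port: int, new_port: int) -> bool:
    """Return True when 'diag vpn ike restart' is needed after the change.

    Article rule: only FortiOS 7.4.2 through 7.4.7 are affected, and only
    when the IKE TCP port moves away from 4500. Any other port-to-port
    change on those builds, and any change on 7.6.x, recovers on its own.
    """
    v = parse_fortios_version(version)
    if v is None:
        raise ValueError(f"unrecognised FortiOS version: {version!r}")
    if old_port == new_port:
        return False  # nothing changed, so nothing was flushed
    affected_build = AFFECTED_MIN <= v <= AFFECTED_MAX
    return affected_build and old_port == DEFAULT_IKE_TCP_PORT


if __name__ == "__main__":
    # Constructed sample: the article's own two examples on a 7.4.x build.
    for old, new in ((4500, 4501), (4501, 4502)):
        needed = ike_restart_required("v7.4.5,build2702,240821 (GA.F)", old, new)
        print(f"{old} -> {new}: restart required = {needed}")
```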
