There is 1 tunnel with 1 subnet show security ike security-associations But it is still an issue and I can't figure out for the life of me why this is happening. This is running very stable compared to when I was seeing 20+ IKE sa's. Occasionally we are seeing drops on the VPN tunnel for brief moments, during those times another ike sa tends to show up with the old ones remaining. Today I am seeing a duplicate of IPSEC sa's (which I have not seen prior to today). but even now I am getting very odd results. I have managed to lower the number of IKE sessions I'm seeing by asking the remote side to disable the persistant connection establishment option on the check point (we were seeing ~20-30 IKE SAs!). I have been having a ton of issues with a VPN connection between a SRX-240H and a Check Point device.
