Recently we noticed some SIP invite timeout to SIP client through IPsec vpn at our sip agent server logs.
While checking firewall logs we noticed there are a few drops with information first packet not syn dropped by firewall with same source as previous accept vpn encrypt log hours later(looks like always more than 1 and half hour).
That specific traffic passing through internal firewall (no drop log) and reach perimeter firewall which hosting vpn connections. It suppose get encrypted and passing through vpn tunnel.
IPsec looks fine because other traffic passing through without problem at the same time. Just wondering if there's any session timeout mismatch.
Firewall running R81.10