I'm having an issue where it seems that when the same IP gets assigned first to DAIP peer A and then afterwards to DAIP peer B, the Check Point still "remembers" DAIP peer A and gives an auth fail on the IPsec negotiation. The funny thing is that the IP-interop device connection seems to reside in some cache even if you delete all IKE+IPsec SAs for the peer through vpn tu. It also seems that vpn tu is not always successful in deleting the SAs even if I command it multiple times, so I wonder if that's the issue or if someone has stumbled upon the same problem before? It kinda sucks if you need to wait for the IPsec phase 1 to time out in order to be able to get connected again on a new device with an old IP.
Any help appreciated.