Site to Site VPN going down frequently with error "encryption failure: According to the policy the packet should not have been decrypted."
Site-to-Site VPN Troubleshooting on SonicWALL Security Appliances Tech Note (p.15) states:
Received notify: ISAKMP_AUTH_FAILED = Responder is reporting that preshared key is mismatched. Check settings on both peers.
There are other Check Point Firewall or Interoperable (Non-Check Point Firewall) objects with the same external IP address and encryption domain as the peer. Packets from the peer firewall are accepted, decrypted, and then dropped because the Check Point Firewall receiving the traffic cannot determine which firewall sent the packet.