Disable Rekey Checkbox Should be Disabled on New IPsec Tunnels
When a new IPsec Phase 1 tunnel is created the Disable Rekey checkbox is checked by default.
I would argue that the default there should be unchecked as checked/disabled is almost never what one would want.
Users use the defaults not knowing any differently.
This has been shown to break IPsec to AWS VPC and Cisco ASAs.