The IPsec tunnel of connect+ is based on an AWS service. This requires regular traffic from the customer side to keep the tunnel up and running.When no traffic is sent through IPSec, the IPsec tunnels can shut down. They are brought up as soon as traffic coming from the customer's application server comes through. The AWS documentation states that "The VPN tunnel is established when traffic is generated from your side of the VPN connection. The AWS endpoint is not the initiator; your customer gateway device must initiate the tunnels. "
To maintain the tunnel, we recommend that the customer side actively attempt to re-establish the IPsec tunnel (e.g., by running a cron job or setting up a ping from the application server to a wherever SIM endpoint).