I am facing a similar issue that may or may not be related. In my case we see the ipsec come up and then a few hours later it stops working. Rebooting the master fixes. Removing and readding the master-redundancy config on the master fixes as well sometimes.
Seems like the master just stops responding to the backup after an hour or two, which we see in packet captures.
TAC have said that there was a bug relating to master-local ipsec that exhibited the same symptoms and was fixed in 6.4.4.1. The customer said that it was not working again, but couldn't confirm if is was immediately after the upgrade. I have just removed/readded the master-redundancy config on the master and it is now back up, so let's see how it is tomorrow.
kdisc98, your thread is interesting because now I am thinking we should try to see if it is stable with a certificate.
:-)