Weird VPN tunnel Issue

Issue: We have an interesting/strange problem. Two of our VPNs from our NYC office to AWS China locations are down (IPsec site-to-site). The NYC location has other site-to-site tunnels that are up and working, including other AWS and foreign physical locations. The AWS China locations (virtual FortiGates) also have VPN tunnels up to other remote locations. Debugs on both sides show no issues with configs. Packet capture shows ICMP traffic going back and forth between firewall public IPs with no issues. However, NYC receives and sends out UDP/500 packets for the tunnels in question; the AWS China locations, however, do not receive UDP packets from NYC, they only send them out to the NYC firewall (which it receives and replies to).

- Tried tunnel resets
- Tried session clears on both firewalls (filtered)
- Tried full session clear on the NYC firewall
- Tried switching to the backup ISP (primary is Cogent). Found out through trace that the backup ISP uses Cogent in their path…

Any ideas on what to try and/or look at are most welcome.