Why reboot if the vpn tunnel hangs you should try " clear crypto isa sa " and " clear crypto ipsec sa" and see if that fixes it. (I am assuming your talking about a remote site perspective) If you have many tunnels attached you can be more specific with your clear commands to clear specific sessions. You can configure like so
This sample configuration I made up off the top of my head so syntax may not be perfect.
username reset password reset username reset priv 5
privilege exec level 5 clear crypto isakmp privilege exec level 5 clear crypto ipsec sa privilege exec level 5 clear crypto privilege exec level 5 clear
then have them telnet in with username reset
If you have tacacs or radius this can all be done there (I'm taking local login into account)
you can also do some fancy automations with the autocommand keyword as well its all in the configuration guide google site search the index to find the commands
Bob Watson Implementation Engineer II ATT Datacomm