The CLI command reset vpn ipsec-peer XXX tunnel XXX is internally turned into:
ipsec down XXX
ipsec up XXX
This is wrong. According to the CLI description, it should "Reset a specific tunnel for given peer", but it actually tries to reset the IKE session, which may even drop other tunnels between the peers.
Most likely, the proper syntax should be:
ipsec down XXX{*}
ipsec up XXX
The first command closes all the CHILD_SA instances of the connection name, and the second reestablishes a tunnel.