I have 150+ vendors connected to our primary data center via site-to-site IPSEC VPN tunnels on ASA's. I want to also connect these vendors to my D/R data center and have these back-up tunnels (at each vendor location) become active whenever a primary tunnel fails. I need to view this solution from the vendor's ASA's since each vendor manages the devices on both ends of the tunnels (these are banks, etc. partners that don't allow us to manage our hardware on their network).
So, I'm looking for a solution that monitors the primary ISP- tunnel(s) on (physical interface-1) to my primary data center, then, upon failure of the primary ISP tunnel(s), the back-up ISP tunnel(s) will become active between that vendor and my D/R data center's ASA. The diagram below depicts my desired solution.