I have a doubt in Remote Access VPN automatic failover.
We have 3 ASA firewall, ASA1 is directly connected to user segment and ASA 2 and ASA 3 is used for server segment in different location but encryption domain is same for both firewall.
If primary tunnel goes down the traffic will use the secondary tunnel, after some time if we restored the primary firewall still ASA 1 will pass the traffic to secondary tunnel.
At that time if secondary goes down then it requires some manual intervention.
Is there any option to achieve the automatic fall back .