We are currently using ASA 5510s in all of our sites. We implemented a load balancing piece of hardware for multiple ISPs at Site A. At Site B and Site C we have configured the VPN tunnel with multiple peers for each of the two IP addresses we are using at Site A.
The failover from IP1 to IP2 seems to work properly from the remote sites (however, it takes almost 2 minutes to fail over). However, if IP1 comes back up (at which point our load balancing then disables IP2), the remote sites do not fail back to IP1. We have to manually log off the site-to-site connection.
Is there any way to:
1. Make the failover time faster from IP1 to IP2.
2. Allow the VPN tunnel to fail back to IP1 when IP2 is no longer available.