Use DPDs to detect a dead peer so that you can flap over the VPN. The 2 VPN Concentrators can be connected on LAN. Have a Routing Protocol across them to a router where ur LAN will sit and which will choose the best path
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...