I believe that it is not possible to implement GRE tunnels in the way that you describe using HSRP. I believe that you can achieve the primary/backup relationship between the tunnels using a different mechanism. Does your DDOS mitigation box support a dynamic routing protocol? If so you could run a dynamic routing protocol over both tunnels and manipulate the routing metric so that one tunnel is preferred and the other tunnel is used only if the primary fails. If the DDOS mitigation box does not support a dynamic routing protocol then you might on the primary router set a static route with the tunnel remote IP as the next hop, redistribute that static into your routing protocol running on both routers, and use tunnel keepalives or perhaps IP SLA tracking to monitor status of the tunnel and withdraw the static route if the tunnel fails. On the backup router you would configure a floating static route. As long as the dynamic routing protocol advertises the redistributed static from the primary the floating static is not used. But when the redistributed static is withdrawn only then is the floating static used and the secondary tunnel is used.
The only possible way is if the tunnel goes down completely, by that I mean a up/down state, if this happens you can use tracking for that interface Tunnel state and decrease the HSRP priority on the router where the tunnel fails, using preempt on the backup router it will allow it to take the primary roll and have the traffic use the tunnel configured on it. If this condition is not met where the tunnel changes the state to down the failover won't occur.
Here is the configuration guide where you can find a little bit more about tracking for HSRP.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.