i also attached my network view, i am requirement your help from fortinet firewall in MPLS to Site to VPN Auto fail over i am using other firewall sophos xg in this feature is already available but fortinet in i tray but not any option found......
Have your routes setup with the same distance and different priorities(your main route being priority 0 and your backup route being higher than 0)
Then setup a health check for the interface, with the 'server' as being whatever you want to ping to verify the route is up. If this ping fails it brings down the route and your other route becomes the main route:
config system link-monitor
edit "1"
set srcintf "wan1"
set server "8.8.8.8"
set update-cascade-interface disable
next
edit "2"
set srcintf "wan2"
set server "172.16.99.2"
set update-cascade-interface disable
next
end
I would imagine you only need a link-monitor for the MPLS connection. The VPN tunnel route will be removed automatically if the tunnel isn't up.
