vpn tunnel: only 1 ip reachable in address group
Hi
I have established a VPN IPsec tunnel between a FortiGate and a third party's Cisco FTD (phase2 remote address 192.168.10.1/32); it worked as expected.
This week I tried to add a new remote address to the VPN, 192.168.10.15/32, so I changed the remote address in phase1 to point to an address group (192.168.10.1/32 & 192.168.10.15/32), and also added that group to the static route and firewall rules instead of the old address (192.168.10.1/32).
The problem is that only one of these IP addresses is reachable at a time: I can ping 192.168.10.1 but I can't ping the other, 192.168.10.15, but if the remote 192.168.10.15 pings me it becomes reachable from my side for some time.
How can I have these 2 IPs reachable at the same time through the VPN?
VPN tunnel config:
config vpn ipsec phase1-interface
    edit "MY_VPN"
        set type static
        set interface "port1"
        set ip-version 4
        set ike-version 1
        set local-gw <...>
        set keylife 28800
        set authmethod psk
        set mode main
        set peertype any
        set net-device disable
        set passive-mode disable
        set exchange-interface-ip disable
        set aggregate-member disable
        set mode-cfg disable
        set proposal aes256-sha1
        set localid ''
        set localid-type auto
        set auto-negotiate enable
        set negotiate-timeout 30
        set fragmentation enable
        set ip-fragmentation post-encapsulation
        set dpd on-demand
        set forticlient-enforcement disable
        set comments ''
        set dhgrp 2
        set suite-b disable
        set wizard-type custom
        set xauthtype disable
        set mesh-selector-type disable
        set idle-timeout disable
        set ha-sync-esp-seqno enable
        set auto-discovery-sender disable
        set auto-discovery-receiver disable
        set auto-discovery-forwarder disable
        set encapsulation none
        set nattraversal disable
        set esn disable
        set rekey enable
        set fec-egress disable
        set fec-ingress disable
        set remote-gw <...>
        set monitor ''
        set tunnel-search selectors
        set add-gw-route disable
        set psksecret ENC <...>
        set dpd-retrycount 3
        set dpd-retryinterval 20
    next
end
config vpn ipsec phase2-interface
    edit "MY_VPN"
        set phase1name "MY_VPN"
        set proposal aes256-sha1
        set pfs disable
        set ipv4-df disable
        set replay enable
        set auto-negotiate enable
        set auto-discovery-sender phase1
        set auto-discovery-forwarder phase1
        set keylife-type seconds
        set encapsulation tunnel-mode
        set comments ''
        set protocol 0
        set src-addr-type name
        set src-port 0
        set dst-addr-type name
        set dst-port 0
        set keylifeseconds 3600
        set src-name "MY_LOCAL"
        set dst-name "MY_VPN_remote"
    next
end
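Added example, not part of the original post or of any reply to it: the FortiOS diagnostics a practitioner would run on the FortiGate to see which phase2 selector pairs and SAs are actually up for this peer, followed by an alternative phase2 layout with one explicit selector per remote host instead of a single phase2 referencing an address group. The local subnet 10.0.0.0/24 (standing in for "MY_LOCAL") and the phase2 names "MY_VPN_h1" / "MY_VPN_h2" are assumptions; the two remote hosts and the phase1 name "MY_VPN" are taken from the post. The "#" lines are annotation for the reader, not FortiOS CLI. Whether the per-host layout resolves this particular tunnel depends on how the Cisco FTD side proposes its selectors, so compare the selector pairs shown by the diagnostics on both ends before changing a production configuration.

```fortios
# Added example, not from the original post. Assumptions: 10.0.0.0/24 stands in
# for the "MY_LOCAL" address object; the phase2 names MY_VPN_h1 / MY_VPN_h2 are
# invented. The remote hosts 192.168.10.1 and 192.168.10.15 are from the post.

# 1. Show what was actually negotiated for this peer. Each SA entry lists the
#    src/dst selector pair the two gateways agreed on; if only one /32 shows up
#    until the other host sends traffic first, the two sides are splitting the
#    selectors differently.
diagnose vpn ike gateway list name MY_VPN
diagnose vpn tunnel list name MY_VPN

# 2. Watch the IKE/phase2 negotiation for this peer only while pinging each
#    remote host from the local side, then stop the debug.
diagnose vpn ike log filter name MY_VPN
diagnose debug application ike -1
diagnose debug enable
#    ... send the pings, then:
diagnose debug disable
diagnose debug reset

# 3. Alternative to one phase2 with an address group as dst-name: one phase2
#    per remote host, each advertising exactly one selector pair. The phase1
#    "MY_VPN" from the post is left unchanged.
config vpn ipsec phase2-interface
    edit "MY_VPN_h1"
        set phase1name "MY_VPN"
        set proposal aes256-sha1
        set pfs disable
        set auto-negotiate enable
        set keylifeseconds 3600
        set src-addr-type subnet
        set src-subnet 10.0.0.0 255.255.255.0
        set dst-addr-type subnet
        set dst-subnet 192.168.10.1 255.255.255.255
    next
    edit "MY_VPN_h2"
        set phase1name "MY_VPN"
        set proposal aes256-sha1
        set pfs disable
        set auto-negotiate enable
        set keylifeseconds 3600
        set src-addr-type subnet
        set src-subnet 10.0.0.0 255.255.255.0
        set dst-addr-type subnet
        set dst-subnet 192.168.10.15 255.255.255.255
    next
end
```

The static route and firewall policies referencing the address group are unaffected by the per-host phase2 split; only the IPsec selectors change. Run step 1 again after the change and confirm that both /32 selector pairs appear as established SAs without either remote host having to initiate traffic first.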
