I have a FGT60B (site 1) with two WANs that connect over PPPoE (ADSL - dyndns on both) connected via IPSEC to a FGT50B (site 2) which has WAN1 connected as a static IP over FTTH.
There are two IPSEC tunnels from each WAN on the FGT60B to the FGT50B.
What I'd like to have is a redundant IPSEC tunnel.
If I disconnect WAN1 on the FGT60B all traffic goes without any problem to IPSEC on WAN2.
Now the problem arises on the FGT50B as the firewall policy for the tunnel with WAN1 on the FGT60B is higher than the WAN2 policy and is not allowing any traffic to go back to FGT60B.
Is there a way to make these firewall rules "parallel" or another way of making the redundancy work?
Thanks in advance
Mladen