Does the ASA have a mechanism by which we can monitor a VPN tunnel using an SLA/Track to a private IP on the remote side and if the SLA fails, re-reroute traffic via a second VPN configured to a different peer? A partner has this type of configuration set up on a Palo Alto where they are pinging a device on our LAN and if they miss pings to it the VPN fails over to a separate physical box on a different WAN IP.
The problem we are having is that their routes fail over but we don't. We have a secondary peer configured and our side will not fail over to the secondary peer unless the IPSec connection to the primary fails, which it doesn't.
Thanks.