We have configured a flexvpn solution with 2x vrf.

On the spoke we configured an interface tunnel for each vrf and the solution is working correctly.

*****************

interface Tunnel1

ip vrf forwarding LAN

ip address negotiated

ip mtu 1400

ip tcp adjust-mss 1360

tunnel source GigabitEthernet0

tunnel destination 10.10.10.1

tunnel path-mtu-discovery

tunnel protection ipsec profile default

!

interface Tunnel2

ip vrf forwarding VIDEO

ip address negotiated

ip mtu 1400

ip tcp adjust-mss 1360

tunnel source GigabitEthernet0

tunnel destination 10.10.10.2

tunnel path-mtu-discovery

tunnel protection ipsec profile VIDEO

********************

In order to have redundancy in case of a failure of the internet link, on the spoke router we configured a second tunnel interface using the cellullar0 and a new routing table in order to use the cellullar interface as a backup default route.

*************

interface Tunnel11

ip vrf forwarding LAN

ip address negotiated

ip mtu 1400

ip tcp adjust-mss 1360

tunnel source Cellular0

tunnel destination 10.10.10.1

tunnel path-mtu-discovery

tunnel protection ipsec profile default

!

interface Tunnel12

ip vrf forwarding VIDEO

ip address negotiated

ip mtu 1400

ip tcp adjust-mss 1360

tunnel source Cellular0

tunnel destination 10.10.10.2

tunnel path-mtu-discovery

tunnel protection ipsec profile VIDEO

ip route 0.0.0.0 0.0.0.0 Dialer1

ip route 0.0.0.0 0.0.0.0 Cellular0 10

*************

The cellular interface is connecting correctly to internet but when we try to shut down the gigabit interface the tunnel with cellular interfaces source don't come up.

Is this kind of configurations supported?

Thx