Hello community, 

I have 2 FTD2 (1010) managed by FMC.

On one of FTDs I have 2 ISP while using SLA to switch to backup line in case of failure of primary.

I did build 2 VPN tunnels between FTDs, while one is on primary ISP, second is on stby ISP.

If I simulate failure of primary ISP, route is correctly changed to stby, VPN is built but no traffic is being passed to the tunnel.

Is in such setup even possible to have IPSEC HA?

(we are using policy based VPNs)

Thank you!