Hi, sorry for reactivating an old topic.
I would like to know if the status is still the same on this issue. It seems absurd to me that we would need to make things so much more complex to simply tell the firewall "if the gateway from the first VTI IPSec is down, use the second VTI IPSec". I am not sure if the implementation is too much of a hassle, but this feature would be greatly appreciated.