Hey friend. This seems a little late coming, but I thought I'd leave a reply here as I ran into the same "issue" myself just today.
By the nature of an IPSec tunnel, they do not truly get "started" or "stopped" they only come up when traffic that is being routed through them is detected. So in this case, basically as soon as there is traffic on the IPSec tunnel from the secondary node after your primary fails, it will connect perfectly fine with the new tunnel.
To test this yourself, you can add an address in your P2 entry at the bottom to automatically ping. This ping will occur every few seconds and as soon as the first ping is sent from the secondary node after the fail, the tunnel will reconnect and allow traffic to pass.
Hopefully this helps you and any others pursuing this topic in the future!