We have an F-12 firewall with a primary WAN connection on port 5, statically assigned IP. Our backup WAN connection is on port 3, also statically assigned IP. We have an IKEv1 site-to-site VPN to Rackspace that fails when the Ethernet cable from the backup ISP equipment is connected to port 3. We have to IKEv1 tunnels created pointing to the same remote subnet and peer, and Barracuda support has told us this configuration would not work and we would need a second peer IP on the remote/Rackspace side. Does this sound accurate?
Another strange quirk is that when we have our backup WAN connected, the two IKEv1 tunnels switch between up and down, going back and forth endlessly. Is there a way to make a priority, that if the primary WAN is up that the backup WAN wont attempt to establish? It seems strange to me that we would need two remote peers to have a 'failover' WAN connection.
Thank you for any info or suggestions.