XG Mulipath rules and IPSEC VPN failback

Question

Hi, 
 I switched from SG to XG firewall. When I create an IPSEC VPN Connection I can only select one of the two wan ports, not Uplink interfaces as in the SG before. 
 I want that the IPSEC VPN connection will connect to failover with the second wan connection. 
 How can I do that? 
 Second question: 
 How I find Multipath rules in the XG as in the SG? 
 I want to make rules which WAN connection should use define Ports and Services. If the WAN is failing the rule skip and use a other rule for failback. 
 I use it on the old SG system very well. 
 best regards 
 Chris

LuCar Toni · Accepted Answer

Like mentioned before. 
 IPsec Failover works via IPsec Failover groups. 
 https://community.sophos.com/kb/en-us/123305 
 Failback is there. So basically the connection will failback after the tunnel is back.

Multipath is basically the same like Firewall Policy "Primary / Second Gateway". 
 You can select one Primary Gateway like interface 1. And Second Gateway "load balancing". So Interface 1 will be used and after interface 1 fails, XG will use the other available interfaces.

ChristianSchmidt · Answer

Hi, 
 great. Thanks.