Hello, there is no IPsec failover in our devices.
I think there are two options here: this is to immediately raise 2 tunnels, and if the main channel breaks, the backup VPN will continue to work. Or use a small bash script that will ping the ip of the main channel and, if it is unavailable, will raise the backup IPsec. Run the script with the cron scheduler, for example, once every 5 minutes.
Best regards, Anton