Primary and backup VPN tunnel between the same two routers?

Hi, I’m wondering if someone can help. I’m pretty new to Mikrotik routers and have got the basic setup pretty much done, as well as setting up a site-to-site IPsec VPN tunnel. What I want to achieve is something we’ve already got out in the field with Draytek routers. Our customers have a router on their premises and we have a router at ours. We have a primary VPN tunnel using WAN1 on the routers (ADSL), and if there should be a failure we have a ‘backup’ tunnel using WAN2 (point-to-point microwave link). We’ve had no end of issues with the Draytek routers and are replacing them with Mikrotik 450s.

I’m trying to achieve the same setup between a pair of Mikrotik 450s. Each router has two WAN ports with different addresses and a LAN port.

As our customers use these tunnels 24x7, it’s critical they have a connection. So the primary connection is over ADSL (using a PPPoE modem with a static IP), with a backup connection over a site-to-site microwave link. The idea is that if ADSL fails (and it does!), the router will then initiate the secondary VPN tunnel over WAN2. Ideally, when ADSL comes back online, the WAN2 tunnel is dropped and the WAN1 tunnel comes back online.

I have set up a tunnel between the two routers which works fine; however, if I try to introduce a second tunnel which uses the same LAN IPs but WAN2’s IPs, it kills the tunnel completely.

I’ve attached a simple diagram which I hope will show what I want to achieve. Is there an easy and/or completely different way for me to achieve this?

Thanks for looking. :smiley:
Drawing1.jpg