Hello Everyone ,
sorry for delay in reply, i reached to final configuration with automatic change default gateway while changing IPSEC interface. internet services also swtichign automatically. no need to create two tunnel just need to change external interface only to work VPN on another WAN if primary goes down. here is configuration which will may help others.
services {
rpm {
probe probe-isp1 {
test test-isp1 {
probe-type icmp-ping;
target address 8.8.8.8;
probe-count 3;
probe-interval 5;
test-interval 5;
thresholds {
successive-loss 3;
total-loss 3;
}
destination-interface ge-0/0/0.0;
next-hop 192.168.10.1;
}
}
probe probe-isp2 {
test test-isp2 {
probe-type icmp-ping;
target address 8.8.8.8;
probe-count 3;
probe-interval 5;
test-interval 5;
thresholds {
successive-loss 3;
total-loss 5;
}
destination-interface ge-0/0/1.0;
next-hop 192.168.8.1;
}
}
}
ip-monitoring {
policy track-isp1 {
match {
rpm-probe probe-isp1;
}
then {
preferred-route {
routing-instances ISP1 {
route 0.0.0.0/0 {
next-hop 192.168.8.1;
}
}
}
}
}
policy track-isp2 {
match {
rpm-probe probe-isp2;
}
then {
preferred-route {
routing-instances ISP2 {
route 0.0.0.0/0 {
next-hop 192.168.10.1;
}
}
}
}
}
}
}
routing-options {
static {
route 0.0.0.0/0 next-table ISP1.inet.0;
route 172.16.0.0/23 next-hop st0.1;
}
rib-groups {
ISP1-to-ISP2 {
import-rib [ ISP1.inet.0 ISP2.inet.0 ];
}
ISP2-to-ISP1 {
import-rib [ ISP2.inet.0 ISP1.inet.0 ];
}
}
}
routing-instances {
ISP1 {
instance-type virtual-router;
interface ge-0/0/0.0;
routing-options {
interface-routes {
rib-group inet ISP1-to-ISP2;
}
static {
route 0.0.0.0/0 next-hop 192.168.10.1;
}
}
}
ISP2 {
instance-type virtual-router;
interface ge-0/0/1.0;
routing-options {
interface-routes {
rib-group inet ISP2-to-ISP1;
}
static {
route 0.0.0.0/0 next-hop 192.168.8.1;
}
}
}
}