Secondary WAN drops all VPN tunnels with status change
Site HQ- TZ470
X1- Comcast Fiber Static IP - 126.96.36.199. (Ip used for example)
X3 - Comcast Copper Static IP 188.8.131.52 (IP used for example)
8 Different Firewalls, SOHOs, SOHO 250's,
X1 and X3 are in a WAN failover group with basic failover and X1 set as the top priority.
All remote sites have an aggressive IPSEC VPN back to HQ. In the VPN configurations in the remote sites, the primary IP is 184.108.40.206 and the secondary is 220.127.116.11
The tunnels were all established over the 18.104.22.168
While all the remote tunnels are connected back to the HQ over the VPN of the X1 IP of 22.214.171.124, if we power cycle the modem that feeds x3 into the HQ TZ470, it drops all the VPN tunnels. Even though not a single VPN is connected over x3. X3 will no traffic will be passing over it, however, if we power cycle it or disable the x3 interface it drops all the tunnels and they re-establish back on the same X1 IP they were originally connected to.
The x3 coax circuit is unstable and will drop several times a week, and it drops all of our VPN tunnels even though the primary x1 is up, stable, and working. This makes no sense because X3 IP is listed as the secondary IP in the VPN settings on the remote sites.
any suggestions would be appreciated!