I have a client running a site-to-site VPN connection in order to allow secure RDP access to users at a remote site. The remote users are on a completely separate Windows domain and use the tunnel purely for port 3389 access to virtual workstations and RDP servers at my client's site. My client maintains two WAN connections - one from a DSL provider (on which the VPN tunnel lives), the other from a cable provider. They each have their own separate static IP address blocks.
My client uses a SonicWall TZ210 and utilitzes some of the bandwidth management features to optimize Internet traffic between their two WAN links. What we don't have is a redundant VPN connection to the remote site. The remote site apparently uses Cisco routers on their end which hasn't been any problem at all for the site-to-site VPN connection.
Is it practical to set up two VPN tunnels between the two sites so that if the DSL connection fails the cable connection can act as a failover? Would the remote site also need two separate IP blocks on their end or can they do something akin to a one-to-many relationship? Even if it is not practicle to have true failover capability, it would still be nice if I could uncheck the primary tunnel in the event of a DSL outage and instead mark the cable connection as the active tunnel. Is this easy to do?