I have a Fortigate 100D and have been using it with a single internet connection for some time without issue and have also been using SSL VPN to connect into the network. The SSL VPN uses 2 factor authentication (Fortitoken).
I have added a second ISP connection and configured Equal Cost Multi Path (ECMP) Routing. This is configured that if an internet IP can not be reached the path will be marked as down.
The problem I have is that I can't get the SSL VPN to work on WAN2 and I'm wondering what the best way to design this is: if I get the SSL VPN working on WAN2, should I create a DNS Name which has two A records for the two public IPs of the connections so if either is up the clients will be able to get a connection to the firewall to authenticate?