According to Cisco and some other forums I've come across it looks like Active/Active and IPSec VPN don't play nice together. Does this mean simply that IPSec VPN will not failover, or that you can't implement it? This is going to be a major point against Active/Active configuration. I have remote users all over the place. In the grand scheme of things remote user sessions will be the last of my worries if a firewall fails, but I do have a problem with not being able to continue using IPSec for my remote access VPNs.....
__________________
B.S., Network and Communications Management
CCNA, MCP x 3, A+
En route: Everything Cisco.
"$100K is a personality trait" - yours truly
Cisco CCIE Certification - The journey has only just begun.