IPSec tunnel active/active

Question

I am attempting to configure two active tunnels from one Sophos XG to two Junipers at different sites as per the below diagram. 
 I can bring both tunnels up, but when I do I can not get traffic to flow. If I disconnect either tunnel traffic flows. 
 I am not very strong on the networking side but I presume some form of weighted routing is required to achieve this? 
 Can anyone comment if the below configuration can work with both tunnels up at the same time? 
 I have configured a failover group which seems to work, but Company Y wants both tunnels to be up.

Keyur · Accepted Answer

Hi Calyps

As per the provided diagram, you are trying to configure IPsec Tunnel fro Sophos XG to Juniper devices having has same IP subnet.

It will create an IP conflict and when you up both the tunnel, Sophos XG will not be able to decide, which tunnel traffic should forward because both the tunnel has the same network. When you disconnect one of the tunnels XG has a path to forward the traffic to the specific tunnel.

Regards,