IPSEC Failover for LAN Gateway

I don't know if this is the right configuration so bear with me.

I have a connection that essentially functions as a direct ethernet line back to the main office, called an EPLAN. It is set up in my Branch Office in the LAN zone.

Everything works OK and traffic goes back to the Main Office for everything including internet. This is the standard setup.

I want to have a backup ISP to be a failover for this connection that tunnels back to the main office.
I have a secondary ISP set up to function this way and created an IPSEC VPN tunnel which works.

How do I fail over if the EPLAN gateway goes down (10.1.1.1 below)? Does the LAN gateway need to be in a WAN or custom zone to do this? What if the LAN gateway is in the same subnet as the rest of the branch network? Does this need to be designed entirely differently? Ideally there wouldn't be a VPN between the EPLAN endpoints because it's supposed to be a point-to-point private link.

Setup -



Added TAGs
[edited by: Raphael Alganes at 2:54 AM (GMT -7) on 3 Jul 2024]