I have had an IPSec VPN running reliably between a Vigor 2860 and a Vigor 2865 for some time. The 2860 dials out, and the 2865 is configured for dial in. However, slight complication, the remote Vigor 2860 has two WAN connections: a very slow VDSL line, and a faster but unreliable LTE connection. So, I disabled the 'old'  VPN connection, and setup two new LAN-2-LAN profiles with GRE / IPSec, setup in load balance mode, as per this guide:  https://www.draytek.com/support/knowledge-base/4919 . 

The idea is that the Vigor 2860 will dial two VPN connections, 1 through VDSL and the other through LTE which will both connect to the 2865 through a single WAN connection. I can then setup routing policy rules to send some traffic via VDSL and some via LTE at the remote site. This did work when initially setup, however after running fine for a bit, these VPN's seem to get into the following state:

- ONE of the two VPN connections comes up successfully. BUT, it drops & re-connects every 20-60 ish seconds. 
- The other one of the two connections refuses to come online. 

In this state, the Web Syslog shows the following messages on the Dial-Out end (Vigor 2860):


And on the Dial-In end (Vigor 2865):

I know the timestamps don't quite match there, this is just because the web syslog on the Dial-In router had overwritten the entries by the time I copied the logs. 

I have had success rebooting one or both ends of the tunnel, which sorts the problem out for a time, but then the same thing occurs. 

Apologies if that is not quite clear, can provide any more details if required. Would really appreciate any suggestions. 

Should also mention: If I disable the trunk and 2nd VPN tunnel on the Dial-Out router, the remaining tunnel is stable, rather than dropping frequently.