Technetium
IS-IT--Management
- Jun 26, 2009
Hi Guys, hoping someone here may be able to help,
I've configured an ASA5510 with a number of LAN-to-LAN VPNs. I enabled Reverse Route Injection so that the routes to the remote networks appear automatically in the ASA routing table as static routes. I'm also using OSPF to distribute these routes to an upstream router with backup ISDN lines. The upstream router has static routes using these backup lines with administrative distances of 150 (i.e. larger than OSPF's 110), so normally it sends traffic through the VPNs.
The route distribution to the upstream router works fine; however, if one of the remote VPN peers goes down, the route to it doesn't disappear: it remains in the ASA route table and is propagated via OSPF to the upstream router, so this router doesn't dial the backup line. Can anyone explain why the Reverse Route Injection in the ASA still happens even if the VPN link fails, or how I can get around it?
My other option is to use object tracking on the upstream router to test when a VPN is down, but this is much more work than dynamic routing, so I'd like to avoid it if I can.
Any help or suggestions appreciated.
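For readers trying to reproduce the setup described in the post, here is an added configuration sketch of the arrangement it describes: a static LAN-to-LAN crypto map entry on the ASA with RRI enabled, OSPF redistributing the injected static route to the upstream router, and a floating static route on that router pointing at the ISDN dialer with AD 150. This is not the poster's actual configuration; all interface names, ACL names, peer and network addresses (RFC 5737 documentation ranges) and the transform set are assumed for illustration.

```cisco
! ===== ASA5510 (assumed names and addresses, not the poster's config) =====
! Interesting traffic for one remote site (assumed networks)
access-list acl-to-branch1 extended permit ip 10.1.0.0 255.255.0.0 10.2.0.0 255.255.0.0
!
crypto ipsec transform-set ESP-AES-SHA esp-aes esp-sha-hmac
!
! Static crypto map entry for the branch peer (assumed peer address)
crypto map outside_map 10 match address acl-to-branch1
crypto map outside_map 10 set peer 203.0.113.10
crypto map outside_map 10 set transform-set ESP-AES-SHA
! Reverse Route Injection: the destination network in acl-to-branch1
! (10.2.0.0/16) is installed in the ASA routing table as a static route
crypto map outside_map 10 set reverse-route
crypto map outside_map interface outside
!
! OSPF towards the upstream router on the inside link (assumed 192.0.2.0/24)
router ospf 1
 network 192.0.2.0 255.255.255.0 area 0
 ! Hand the RRI-created static routes to OSPF (they appear upstream as
 ! external routes with AD 110)
 redistribute static subnets
!
! Check what RRI installed and what OSPF is advertising:
!   show route static
!   show ospf database external

! ===== Upstream router (IOS, assumed names and addresses) =====
router ospf 1
 network 192.0.2.0 0.0.0.255 area 0
!
! Floating static route for the same branch network via the ISDN backup.
! AD 150 > OSPF's 110, so it is only used while no OSPF route for
! 10.2.0.0/16 exists in the routing table.
ip route 10.2.0.0 255.255.0.0 Dialer1 150
!
! Check which route is currently preferred:
!   show ip route 10.2.0.0 255.255.0.0
```

With this layout the behaviour the post describes is easy to observe: as long as the RRI static route for 10.2.0.0/16 stays in the ASA table, `show ip route` on the upstream router keeps showing the OSPF external route, and the AD 150 floating static never takes over, whether or not the IPsec tunnel to 203.0.113.10 is actually up.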