I had an issue when setting up a route-based VPN to Azure when I enabled the Checkpoint VTI interfaces, all inbound traffic had intermittent connectivity but the site to site VPN traffic was fine and I have opened case for the issue.
As an alternative, I am now looking at the possibility of using a domain based VPN to utilize the two connections into Azure especially since finding out QOS is not supported on VTI interfaces. Is it as simple as having both Azure VPN Gateway remote peers in the VPN community and enabling DPD? How do I select which tunnel is active and which is the standby? Thanks