Well, this is a longer topic than you would expect. You need to understand few things about this failover scenario, main one -
It takes longer for the RAP to discover failure of the main LMS than i CAP would.
CAP needs to miss 8 heartbeats (8 seconds)
RAP - 30.
This is intentional, as WAN connections are not as stable as LAN, so we need to allow a longer threshold.
So it takes at least 30 seconds to discover that your controller is down.
Shut down radios.
Re-establish IPsec to the backup LMS.
Re-IP the client ! this is also important, as it takes time.
So we are looking at 30-90 second downtime for the client and full re-connect and re-auth.
Home I've shed some light on this issue for you.
Also, as mentioned below, going 8.x makes failover if not a "thing of the past" but a much neater and cleaner process. (and much faster one)