Hi,
This is a complex task provided that you have a single FW. The FW can monitor the link to the WXC using its IP for ip tracking and change the interface status (let's assume this is eth0/0) but WXC cannot do the same.
You can try this:
1. Create a new zone and map it to a virtual router different from the one where eth0/0 is mapped. Let's assume, this is eth0/1.
2. Place eth0/1 into this zone and configure it with the same IP as eth0/0. Perhaps you should also configure a route to the WXC.
3. Configure ip-tracking on eth0/0 (defaults are OK):
set interface ethernet0/0 monitor track-ip ip
set interface ethernet0/0 monitor track-ip ip <WXC IP>
4. Configure interface monitoring on eth0/1:
set interface ethernet0/1 monitor threshold 255 action up
(you can also try "action up physically" - this might be better)
set interface ethernet0/1 monitor interface ethernet0/0
If eth0/0 goes down because of a tracking ip failure, eth0/1 gets status "up" and vice-versa.
5. Connect eth0/0 and eth0/1 to the same VLAN and test the scenario described in 4.
6. Configure a second route to the WXC with a higher metric on the eth0/0's VR that points to the eth0/1's VR.
7. Configure access policies for the new zone.
I have tested this in the past and this worked.
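
The steps above collected into one ScreenOS command sequence, as an added example that is not part of the original post and has not been tested by its author. Assumptions: eth0/0 is in zone Untrust (trust-vr), clients are in zone Trust, the new zone uses untrust-vr, and the zone name, address object names and all IP addresses are constructed placeholders; the `#` lines are annotations to strip before pasting.

```screenos
# Added illustration, not the poster's configuration.
# Constructed values: zone WXC-Backup, 192.0.2.1/24 (firewall), 192.0.2.2 (WXC),
# 198.51.100.0/24 (prefix reached through the WXC), 203.0.113.0/24 (clients).
# Assumed layout: eth0/0 in Untrust/trust-vr, clients in Trust, new zone in untrust-vr.

# Steps 1-2: new zone in the other virtual router; eth0/1 gets eth0/0's IP
set zone name WXC-Backup
set zone WXC-Backup vrouter untrust-vr
set interface ethernet0/1 zone WXC-Backup
set interface ethernet0/1 ip 192.0.2.1/24
set vrouter untrust-vr route 198.51.100.0/24 interface ethernet0/1 gateway 192.0.2.2

# Step 3: track the WXC from eth0/0 (defaults kept, as in the post)
set interface ethernet0/0 monitor track-ip ip
set interface ethernet0/0 monitor track-ip ip 192.0.2.2

# Step 4: eth0/1 follows eth0/0 inversely (up when eth0/0 is down)
set interface ethernet0/1 monitor threshold 255 action up
set interface ethernet0/1 monitor interface ethernet0/0

# Step 5 is cabling: both interfaces go into the same VLAN.

# Step 6: primary route via eth0/0, fallback into the other VR at a higher metric
set vrouter trust-vr route 198.51.100.0/24 interface ethernet0/0 gateway 192.0.2.2 metric 1
set vrouter trust-vr route 198.51.100.0/24 vrouter untrust-vr metric 10

# Step 7: policy for the new zone, scoped to the same source and destination
# as the existing Trust-to-Untrust rule rather than Any/Any
set address Trust clients-net 203.0.113.0 255.255.255.0
set address WXC-Backup remote-net 198.51.100.0 255.255.255.0
set policy from Trust to WXC-Backup clients-net remote-net ANY permit log
```

During the test in step 5, `get interface` and `get route` show whether eth0/1 changed state and which of the two routes is active.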