Cannot make all the connections to the VLAN the same WAN (WLAN2)

I have this Peplink Balance One, with 2 internet providers.

I created a VLAN, attached it to the last port (8) and then put a 3rd party router from a client there.
This VLAN has IP 192.168.2.0/24
Load balancer has IP 192.168.2.1
The connected router has IP 192.168.2.2

Also, I’ve created an Outbound rule to direct the whole traffic to the same WAN. WAN2, in this case.
This rule has the highest priority with an Enforced policy that has to redirect all traffic from and to 192.168.2.0/24 to this WAN2.

The second outbound rule has this Weighted Balance on both WAN1 and WAN2.
The default rule is enforcing the WAN2 too.

Everything looks connected and working fine.

But not all the connections from this VLAN are using the WAN2. One connection is going to WAN1 for some unknown reason.
This connection is listed as an IPSec.

If I disable the WAN1, I can make all the connections on/to this VLAN go to the WAN2.
But as soon as I enable WAN1, this IPSec connection goes back to the WAN1.

What is the issue here? What am I doing wrong?
How can I force this connection to the same interface as the others in its subnetwork?

These are the settings of the enforced policy for this WAN2. They are pretty standard I suppose.

Post up a screenshot of your outbound rules.

TriTelecom is WAN2.
DMZ is the VLAN that should only use WAN2

And here the Active Sessions (Sygon is WAN1)

Please, let me know what else I can check to have the traffic from 192.168.2.0/24 all through WAN2. I have no clue why this is happening.

Hello @Leandro_Heck,
What version of Firmware is your router using? Suggest using 8.1.3 GA or 8.2.1 GA for your router if your router is currently on a different version.
You can also change your IP in the outbound policy from 192.168.2.0/24 to 192.168.2.1/24 and give that a go.
Happy to Help,
Marcus :slight_smile:

Hi Marcus, I tend to always use the latest one.
In this case, the current firmware version I’m using is 8.2.1

Did you follow mldowling’s advice about fixing the IP in the outbound policy?

192.168.2.0/24 is the wrong IP of the network?

He said I “can”, not I have to make it work. I know I can. So my question is: should I? And yes, the IP is fixed in the Outbound policy.

The issue experienced is that “Service Passthrough”: IPsec NAT-T is enabled.

The Service Passthrough support rules are evaluated even before the Outbound Policy.

@Leandro_Heck, Is WAN2 utilizing a Speedfusion VPN at all for outbound connections?

From your screenshot, you have “Expert Mode” enabled on the outbound policies.

To get this to work correctly, you just need to move your outbound rules above the greybar “PepVPN / OSPF / BGP / RIPv2 Routes.” Screenshot example below, move blue box/boxes above green box.

Interesting, did not know that there was something on top of my rules. Thanks, @Cable17

Like this, right?

Hey @Cable17 this messed up my remote access… I could not access my LAN remotely anymore.