IPSec for WiFi Calling is not following outbound rules

We have a BR1 with Cellular and VSAT in Priority 1. The default outbound rule is priority where cellular is 1, VSAT is 2, and terminate sessions is enabled. The problem is IPSec sessions for iPhones with WiFi Calling always revert to VSAT. Even if I disable the VSAT WAN and re-enable it, the IPSec traffic goes to cellular and then right back to VSAT.

I also tried to enforce UDP 500 and 4500 to cellular only, and it still goes through VSAT instead. What am I missing?

Service Passthru needs to be disabled Would be my bet…

1 Like

That seems to have nailed it. Thanks!