We have an offsite IPSec VPN that we access via client VPN setups on the desktop.
Historically, the VPN has been better behaved over one of our WAN connections and not the other. So, I setup an ‘enforced’ outbound policy rule to ALWAYS map 4500/500 over this WAN.
Today, I noticed that VPN was terribly slow over this link, and figured I’d try changing the two policies, to force 4500/500 over WAN2 instead.
After changing the rules and applying the changes, nothing I did seemed to have any effect.