VPN traffic handling


#1

Is there a reason why an outbound rule wouldn't apply for VPN encrypted traffic?

Scenario:
A Balance 50 has a rule to force all traffic from a particular IP out to a specific WAN link. A simple ping out to the VPN gateway shows a relatively stable latency (jitter is about 10 ms); however, as soon as a Cisco VPN link is established from one of the endpoints, the traffic within the VPN seems to be suffering from very high jitter?


#2

Please check the setting of IPsec NAT-T on Network > Service Passthrough. VPN traffic (UDP ports 500, 4500, and 10000) will be routed to WAN1 by default.

You may disable or change it as below:

  • Enable Define custom ports if your VPN service is outside the 3 ports above.
  • Enable Route IPsec Site-to-Site VPN and route VPN traffic with the desired WAN link.

Hope this helps.