Todo #15436
closed
Update notes for if-bound state policy
100%
Description
https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#interface-bound-states
For systems with multiple WANs, traffic attempting to exit WAN interfaces other than the one with the default gateway may not be able to pass outbound. This is because states initially get created by the OS as the packet attempts to leave following the default route, and then get redirected by route-to out a different path. Since the interfaces on the state do not match, the firewall does not allow the packet. Work is ongoing to address this issue in PF.
AFAIK the referenced pending work is done with:
https://cgit.freebsd.org/src/commit/?id=6460322a0a512f4e2c263bee54fc8bf46091f4cd
That is in 24.03 (tested working on a multi-WAN setup).