MX appliance - Bind AnyConnect to a specific WAN interface



Trying to achieve the following flow:


LAN Users              -> get access to www through WAN1

AnyConnect clients -> get access through WAN2


And without changing the primary uplink from WAN1 to WAN2 or doing load balancing.


WAN1 is behind a firewall which is blocking IPsec protocols. There's no way to ask the provider to change that, but it is the ISP circuit with the higher bandwidth and therefore the preferred one to route all LAN users' traffic to reach www.


WAN2 has no firewall and IPsec tunnels can be established, but it has less bandwidth, which is not suitable for routing users through it to reach www.


The only way I managed to get AnyConnect working is when I change the primary uplink and set it to WAN2.


How can I achieve this? 


Thanks in advance...


Why don't you want WAN2 as primary?

And set the flow pref for all LAN traffic to WAN1.

