Routing through VIP - different handling of source ip
Hello,
I need help understanding how Fortigate handles two very similar policies.
I've got three vlans with corresponding subinterfaces: 10.20.0.0/16 (project 1), 10.30.0.0/16 (project 2) and 10.40.0.0/16 (project 3).
I've got a VIP mapping 192.168.1.1 (this is actually public, but it's not hugely relevant here) --> 10.30.1.16
When I access the VIP from a server belonging to the same vlan (10.30.1.100), Fortigate changes the source IP from 10.30.1.100 to 10.30.0.1 (so the vlan's gateway).
When I access the VIP from a server belonging to another vlan (10.40.1.12), the receiving server sees the actual ip, so 10.40.1.12.
I can clearly see this in tcpdump and in the packet capture run directly on the Firewall (where the route is for the first scenario: 10.30.1.100->192.168.1.1->10.30.16 -- and here the IP source changes to 10.30.1.0).
The two policies are:
1. interface out - project 1 (subnet 10.30.0.0/16) --> interface in - also project 1 (VIP - 192.168.1.1->10.30.1.16)
2. interface out - project 3 (subnet 10.40.0.0/16) --> interface in - project 1 (VIP - 192.168.1.1->10.30.1.16)
Is this intentional so that it avoids any IP conflict, in case the packet comes from the server itself (10.30.1.16)?
Thank you!
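Added example, not taken from the original post: a FortiOS CLI rendering of the two policies described above, written the way a policy pair producing this behaviour is normally configured. Interface names, the VIP object name and the policy IDs are assumed; the setting that decides whether the firewall rewrites the source address is the per-policy `nat` option, which replaces the source with the outgoing interface's own address (here the project 1 gateway, 10.30.0.1) when enabled.

```text
config firewall vip
    edit "vip-project1-web"
        set extip 192.168.1.1
        set extintf "any"
        set mappedip "10.30.1.16"
    next
end

config firewall policy
    # Policy 1: client and VIP target on the same VLAN (hairpin).
    # With nat enabled the source is rewritten to the project1 interface IP,
    # which is the 10.30.1.100 -> 10.30.0.1 change seen in the capture.
    edit 1
        set name "p1-to-vip-hairpin"
        set srcintf "project1"
        set dstintf "project1"
        set srcaddr "all"
        set dstaddr "vip-project1-web"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
    next
    # Policy 2: client on another VLAN. With nat disabled only the
    # destination is translated, so the server sees 10.40.1.12 unchanged.
    edit 2
        set name "p3-to-vip"
        set srcintf "project3"
        set dstintf "project1"
        set srcaddr "all"
        set dstaddr "vip-project1-web"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
    next
end
```

On a same-interface policy the source NAT is what forces the server's reply back through the firewall instead of straight to the client on the shared VLAN, where it would arrive from 10.30.1.16 rather than the 192.168.1.1 the client connected to and be dropped. Checking `set nat` on each policy (`show firewall policy 1`) confirms which of the two behaviours applies.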
