We have a customer who is migrating their internet connectivity to a new speed and provider. WAN2 has the legacy internet connection and WAN1 has the new internet connection.
I am attempting to migrate VIP and rules to the new connection. Although I have created a new VIP and rule to map RDP to port 52002, it does not work on the new connection, even though it works on the old connection and IP. I have ensured the new IP is correct and that the internal IPs are also correct.
Another server on port 52000 works as expected, so I am at a loss to explain this.

The CLI command diag debug flow is your friend, but it sounds like a routing issue and failures with the uRPF lookup. I bet the old default route is pointed thru WAN1; if the VIP is attached to WAN2 and you have an RPF lookup failure, the firewall will drop the packet due to RPF checks.
If you want to confirm, place a /32 host route thru WAN2 to the source of your tester's IPv4 address.
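
The reverse-path check described in the reply above, modelled as an added example that is not part of either post and is not firewall vendor code. It assumes a routing table holding only active routes; the interface names `vip_wan` (where the VIP is attached) and `other_wan` (where the default route points), and all addresses, are constructed placeholders.

```python
import ipaddress

def rpf_pass(routes, src, ingress, strict=False):
    """Reverse-path check for a packet from `src` arriving on `ingress`.

    routes: list of (prefix, device) tuples, active routes only.
    Feasible mode: some active route covering src leaves via ingress.
    Strict mode: the longest-prefix (best) route to src leaves via ingress.
    """
    addr = ipaddress.ip_address(src)
    covering = [(ipaddress.ip_network(p), dev) for p, dev in routes
                if addr in ipaddress.ip_network(p)]
    if not covering:
        return False  # no route back to the source at all
    if strict:
        best = max(net.prefixlen for net, _ in covering)
        covering = [(n, d) for n, d in covering if n.prefixlen == best]
    return any(dev == ingress for _, dev in covering)

# Constructed sample data: the only active default route points out of
# other_wan, while the VIP listens on vip_wan.
TESTER = "203.0.113.50"      # constructed tester source address
BYSTANDER = "198.51.100.7"   # constructed unrelated internet source
BEFORE = [("0.0.0.0/0", "other_wan"), ("192.168.10.0/24", "lan")]
# The confirmation step from the reply: a /32 host route to the tester
# through the interface the VIP is attached to.
AFTER = BEFORE + [(TESTER + "/32", "vip_wan")]

def demo():
    return {
        # Dropped: no route to the tester leaves via vip_wan.
        "tester_before": rpf_pass(BEFORE, TESTER, "vip_wan"),
        # Accepted once the host route exists, in both modes.
        "tester_after": rpf_pass(AFTER, TESTER, "vip_wan"),
        "tester_after_strict": rpf_pass(AFTER, TESTER, "vip_wan", strict=True),
        # The host route only covers the tester; other sources still fail.
        "bystander_after": rpf_pass(AFTER, BYSTANDER, "vip_wan"),
        # Traffic arriving on the default-route interface is unaffected.
        "bystander_other_wan": rpf_pass(AFTER, BYSTANDER, "other_wan"),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'pass' if ok else 'drop (reverse path check)'}")
```

If the tester starts working with the host route in place, the cause is the missing return route on the VIP interface rather than the VIP or policy itself.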