Policy based routing to 2nd DSL interface

[apiods]

(Running OPNsense 19.7.4_1)

Currently have OPNsense box setup not too crazy for home use:
- Connected to DSL
- A few VLANs
All is working well !

Now, I have a second DSL line installed and am trying to use that to route some VLAN traffic out to the Internet.
I'm not wanting to do anything like Multi-WAN failover or load balancing.
Just, for 1 VLAN send all that traffic out the 2nd WAN DSL interface (everything else goes out over the the main WAN interface).

So far, I've:
- Connected the 2nd DSL router to a spare physical interface on my OPNsense box
- Configured IPs like:
[DSL router]
WAN: public IP
LAN: 192.168.1.1
[OPNsense box]
WAN: 192.168.1.254
LAN: 192.168.5.0/24 (this is the VLAN I want to route out via this 2nd WAN)
(from OPNsense box, I can ping 192.168.1.1 okay)

I've added a gateway for this 2nd WAN
Added the new WAN interface (IPv4 Upstream Gateway is the Gateway)
Then, on the outbound firewall rule on the VLAN, I've set the 'Gateway' to be the new gateway  - in an attempt to use policy based routing.

But ... it's not routing as I'd hoped. When trying traceroute (from both a client and the OPNsense interface diagnostics traceroute), it just routes out the default gateway, not the 2nd one...

Any suggestions what I'm missing here ?!
Thanks 

[mimugmail]

Screenshot of firewall rules please. What have you enabled in Firewall : Settings : Advanced in MultiWAN section?
How about NAT? Correct setup?

Traceroute need a real gateway which will not work with upstream, but don't rely on this

[apiods]

Thanks - I think I need to learn a few things about traceroute, because it actually looks like it is working !

Firewall rules attached.

In 'Firewall : Settings : Advanced in MultiWAN section', I've not changed anything (never actually looked here!).
- Sticky connections: Enabled
- Shared forwarding: Enabled
- Disable force gateway: Disabled
(Wondering if I should disable 'Sticky connections', but as it looks to be working I guess not ?!)

NAT (Outbound): Set to Hybrid as I've previously setup some VPN stuff here.
Not added anything here related to the WAN #2 interface, as I'd assumed the DSL router was doing the NAT.

So, traceroute still looks like to me the first hop via either WAN interface is my #1 ISP.

But ... checking what 'others' sees my Public IP as, it is showing different for a client when going outbound via WAN1 vs WAN2:

VLAN1 -> WAN1:
dig +short myip.opendns.com @resolver1.opendns.com
212.x.x.x (the default WAN/ISP)

VLAN21 -> WAN2:
dig +short myip.opendns.com @resolver1.opendns.com
92.x.x.x (the default WAN/ISP)

Anything else I should check/set ?

Thanks for the advice 

[mimugmail]

If you dont Nat on wan2 how do the router in front knows where to send these packets? I would enable nat

[apiods]

Sure, I checked and there is an Automatic NAT rule created for the new DSL interface (along with the original WAN one).