2 WAN Uplinks split routing issues with incoming connections

Started by paul5012, June 26, 2026, 04:01:07 PM

The problem hits every incoming connection: Nextcloud web traffic, incoming mail traffic (which is not handled by the OPNsense; I offloaded this to a Proxmox Mail Gateway to reduce the complexity of the OPNsense setup), and incoming VPN connections.

@viragomann: you suggest tagging the incoming connections, and then routing based on this tagging?
That sounds promising to me, although I have not done this yet. I have to dig into this.

Tagging of incoming traffic should be done automatically by the firewall rule on the WAN interface which passes it. You should just make sure that the respective interface pass rule is applied to the traffic, and no other (floating or group).
OPNsense should route the replies according to the reply-to tags.

If that does not succeed either, you can state the reply-to gateway in each rule manually.
But in any case you have to ensure that the respective rule is applied. This presumes that you give the rule a unique name and enable logging.