I can confirm that there is something wrong with the “Load Balance and Failover”. I have 2 servers in my internal network and an OpenVPN server on the ZS. The servers are working with port forwarding.
If I don’t apply 3 netbalancing rules, then none of them works properly, due to packet loss. When I apply the 3 rules, everything works fine.
I sense that something goes wrong with the NAT translations and the load balancer. When you have an incoming connection over a specific interface, the reply has to be sent back on the same interface, not based on policy-based rules.
So in a nutshell, I think that netbalancer rules should be applied only if there is no existing connection (or NAT translation).
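
The behaviour asked for above can be expressed on a generic Linux router with connection marks. This is an added example, not part of the post and not the product's own configuration. It assumes an iptables/iproute2 system, and the interface names, gateways, marks and table numbers are constructed placeholders.

```shell
#!/bin/sh
# Sticky return path on a dual-WAN router: replies leave through the uplink
# the connection arrived on; balancing only ever sees unmarked (new) traffic.
# All values below are assumptions for illustration (RFC 5737 addresses).
WAN1_IF=eth1; WAN1_GW=192.0.2.1;    WAN1_MARK=1; WAN1_TABLE=101
WAN2_IF=eth2; WAN2_GW=198.51.100.1; WAN2_MARK=2; WAN2_TABLE=102

# Print each command; execute it only when APPLY=1 (needs root).
run() {
    echo "$*"
    if [ "${APPLY:-0}" = "1" ]; then "$@"; fi
}

sticky_return_rules() {
    # 1. Copy the mark stored on the conntrack entry onto the packet.
    run iptables -t mangle -A PREROUTING -j CONNMARK --restore-mark
    # 2. A marked packet belongs to a known connection: stop here, so any
    #    balancing rules appended later in this chain never touch it.
    run iptables -t mangle -A PREROUTING -m mark ! --mark 0 -j ACCEPT
    # 3. New inbound connection: remember which uplink it came in on.
    for wan in "$WAN1_IF:$WAN1_MARK" "$WAN2_IF:$WAN2_MARK"; do
        ifc=${wan%%:*}; mark=${wan##*:}
        run iptables -t mangle -A PREROUTING -i "$ifc" \
            -m conntrack --ctstate NEW -j CONNMARK --set-mark "$mark"
    done
    # 4. One routing table per uplink, selected by the restored mark.
    for wan in "$WAN1_IF:$WAN1_GW:$WAN1_MARK:$WAN1_TABLE" \
               "$WAN2_IF:$WAN2_GW:$WAN2_MARK:$WAN2_TABLE"; do
        ifc=${wan%%:*};  rest=${wan#*:}
        gw=${rest%%:*};  rest=${rest#*:}
        mark=${rest%%:*}; table=${rest#*:}
        run ip route add default via "$gw" dev "$ifc" table "$table"
        run ip rule add fwmark "$mark" lookup "$table"
    done
}

# Dry run by default: prints the eight commands without changing anything.
sticky_return_rules
```

Reply packets from a port-forwarded internal server enter on the LAN interface, pick up the saved mark in step 1, and are routed by the matching `ip rule` instead of by the balancer.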