pfSense routing issues

Ive got a routing issue on my pfSense box that shows the response to a ping request being routed to a IP in a separate subnet/vlan. 10:25:13.239238 IP 10.2.0.2 > 8.8.8.8: ICMP echo request, id 9374, seq 15401, length 9 10:25:13.369458 IP 8.8.8.8 > 192.168.20.21: ICMP echo reply, id 9374, seq 15401, length 9 I've recently added a wireguard VPN to the box, and assigned it an interface (VPN). The internet gateway is set to send a health check to 8.8.8.8, its reporting down based on 100% packet loss based on this routing issue. I also believe that I am seeing: - the response come through the WAN interface and not the VPN interface. - the packet doesnt appear to have the reply-to flag (cant find anywhere to set this from the IG) - the wireguard tunnel remains active throughout - the VPN provider is PRotonVPN I cant explain why this would happen, and have checked - Nat rules - UPNP - Firewall rules - Interface Why would a ping response not return to its point of origin?