* Ken Gilmour:
ISP1 is the default gateway, ISP2 is a backup provider but which is always active. Client comes in on ISP1's link, traffic goes back out on ISP1s link. Client comes in on ISP2's link (non default gateway) but for some reason, the packets seem to be going back out through the link for ISP1.
You cannot use Juniper's software forwarding platforms in this scenario. This may sound like a drastic verdict, but I think it's a pretty accurate summary of the situation. Perhaps you can coax the software forwarding platforms into packet mode (instead of flow mode), but from the documentation, I get the feeling that Juniper doesn't want you to do that (at least on J-series). You also lose some functionality if you do that. Moving the filters to a different box doesn't help, either. So you either have to buy real Juniper routers (and the necessary service modules to implement this), or switch vendors.