How to connect vm Sophos firewall port with vm ubuntu port in VMEsxi?

ok sir, i try it.
from trying 2 network schema, for ip :  

- ip ubuntu server : 192.168.10.2/24
- ip sophos (2 interface) 
      port2 (as gateway ip ubuntu server) >> 192.168.10.1/24
      port1 (interface connect to client) >> 192.168.1.2/24
- ip client : 192.168.1.1/24
- ip vm esxi : 192.168.1.5/24


summary :  
 1. client can ping interface vm firewall (port 1, port 2) & ip vm esxi, but cannot ping ip ubuntu (rto)
 2. ubuntu can ping interface vm firewall (port 1, port 2) , but cannot ping ip vm esxi & cannot ping ip client


i have done for :  

 1. add static routing in sophos
 2. add gateway in interface client & ubuntu
 3. delete firewall rules & ACL rules in vm sophos firewall











can you help me sir for this case? 

I am confused: at first you wanted to BLOCK icmp packets from client reaching the ubuntu server, now that we achieved this, you want them to get through?

You will nedd to define a firewall-rule to access your FTP-server on the ubuntu-system from your client. That's all.

And static routing on the Sophos-system is not needed, as the Sophos-VM has a leg in both networks. So the IP-routing already "knows" about  these two networks. The rest was already correct, the clients has to have 192.168.1.2 as gateway and the ubuntu-server has to use 192.168.10.1 as gateway.

You are almost done.

oh i see, ok sir.

now I haven't applied any filter rules yet. but why client can't ping ip ubuntu? (request time out)