One subnet can't access another subnet

Hello Mike,

what is the tesult of nslookup (Domainname of UDM)?

When connecting the UDM to interface three it had to have a 192.168.2.x sddress.Otherwise you are doing some magic here...

Yes the UDM interface/network connected to Sophos is .2.1. Coming OUT of the UDM is .1.1 (it is THIS network I want to talk to).

You mean the wifi leg of the UDM?

You have to announce this net to the other networks with a static route.

That is what I thpought too, yet I have already done a lot of reading on here before posting, and one of Bob's post implied I didn't need to (something abot it being a stateful firewall...). So I am now back to square one - a static route. I have tried every single combination I can think of to configure this, and it doesn't work. Can anyone give instructions to a 5 year old (like me) on the exact syntax on the UTM? I would have added a screen shot of all the different variations I've tried but out of annoyance I deleted the lot earlier /slaps forehead/

Hi Mike,

TCP/IP is always a two-way definition: packets have to know the route „to“ a net/host and they also need to know the way „back“.

I think your problem is the definition of a gateway on the UDM box.

Could you show us screenshots from the setup?

Thank you. See attached. Does this help?

Mike

Hello Mike,

you said 192.168.2.1 is the IP of the UTM to the 192.168.2.0/24 network.

If that is the case, your above setting in the UTM screenshot is wrong.

 What is the IP of the UDM in the 192.168.2.0/24 network?

This has to be the Gateway in the UTM-routing table.

Isn't there a "Default gateway" setting at the UDM box? Sometimes called "gateway of last resort"?

If not, I would set the route from "Purple to green" to 0.0.0.0/0 for the destination network.

Hello Mike,

you said 192.168.2.1 is the IP of the UTM to the 192.168.2.0/24 network.

If that is the case, your above setting in the UTM screenshot is wrong.

 What is the IP of the UDM in the 192.168.2.0/24 network?

This has to be the Gateway in the UTM-routing table.

Isn't there a "Default gateway" setting at the UDM box? Sometimes called "gateway of last resort"?

If not, I would set the route from "Purple to green" to 0.0.0.0/0 for the destination network.

Hmmmm... yes I think I can where you're coming from... sort of!

Sophos is on 192.168.2.1

The UDM is on 192.168.2.10

I presumed I wouldn't need to tell the UDM it's own gateway would need to be used. I thought it would just know??

If I set 0.0.0.0/24 on the UDM as the Destination Network then I get "There was an error saving the static routes changes. Invalid payload."

Sorry 0.0.0.0/0

The gateway to Sophos, on the UDM, is set via DHCP (from Sophos), but it seems to stick at 192.168.2.10

UTM / UDM confusing! Okay I have set the UTM as above

That obviously makes sense!

But...I still cannot connect to the UDM on 192.168.1.1 via IP address

Pls do an nslookup of the name and tell us the ip, as said before.

That *is* strange! 192.168.0.1 is the UTM address

It is NOT in my LMHOSTS file, but resolves by domain name to the U*D*M

Hmm, Mike - it seems like the route that Philipp led you to should work.  What do you learn from doing #1 in Rulz (last updated 2020-11-12)?

Cheers - Bob

Thank you everyone. That does indeed work

I wasn't understanding the Ubiquiti UDM and had to also open "WAN Local" to traffic coming though the Sophos UTM, that then immediately allowed me to see the UDM network (192.168.1.1) coming through the 192.168.2.1 network (Purple Network) on Sophos, from my 192.168.0.1 Green Network

Brilliant!