Nat on static route in the same network

You should check your NAT/masquerading rules.
Seems one of them matches.
If you found the problem, you may create a "NoNAT"-Rule.
More Details or a short network sketch may be helpful.

No NAT/masquerading involved in rules between same LAN. I follow your hint and created a NoNat rule and that solved the problem. Thanks

i think there is a default masquerading rule that catches your traffic.

noNAT works ... great.

This means that Uplink Interfaces is the culpit, all masquerading being done with this target (no SNAT). Which for me is wrong as it shouldn't interfere, source, UTM and new GW are in the same LAN.

Your Internal (LAN) is included in "Uplink Interfaces"?

... and yes Masqerading  Source=ANY --> Interface also works, if inbound and outbound interface is the same.

Stock definition from UTM, never modify it:

Uplink Interfaces = "Any" network, bound to interfaces with default IPv4 gateway

Agree that LAN is included in this definition but still think that if GW is in the same lan it shouldn't masquerade.

why your LAN-Interface has an def. GW?

why your LAN-Interface has an def. GW?

Dirk, in original post I explain the setup: UTM is default GW for the LAN. Inside the LAN I have a VM which take care on dhcp/DNS/VPNs/... In dhcp config (dnsmasq) I set option 121 static route to send IP of the VM as GW for networks behind VPNs. But some devices doesn't use dhcp so they send the traffic to UTM which will forward it to the GW: and bam, Natted IP. More clear ? ;)

ok, but you should use static routes at the SG and not a default gateway entry at the lan interface ...

... and I think there must be such a def.GW-Entry at the LAN Interface, because this move the interface to the "uplink-interfaces"