Can't ping across subnets.

Not a lot to go on here, but is ping allowed through the UTM firewall between subnets? Whats your logs telling you?

Sorry for lack of info--I'm configuring the appliance only for Spam filtering and email encryption--none of the other firewall services are in place. I am testing the UTM in between the firewall and the mail server, as a replacement for our current Sendio appliance.  The 2 networks are 192.168.1.x and 192.168.100.x.  The UTM is on the 192.168.1.x network, and can't ping any .100 addresses (they can't ping the UTM as well).

Thank you,

Somehow my reply from yesterday was lost....

I have checked everything under ICMP, but stillno luck.  What I meant by "fully routed" is that all other devices on the network can see and ping other devices between subnets.  The UTM is the only device having a problem.

Thanks,

James, there are two tricks here.  One is that the "Any" Service does not include ICMP, specifically not Ping, and the other is that you need firewall rules to regulate ping traffic between networks.  Any better luck now?

Cheers - Bob

There were no defined firewall rules (I presumed it would be open), but I created one to address both ping and https. Here are the current settings for both ICMP and the firewall rule (baptist homes is 192.168.1.0 /24, Providence Point is 192.168.100.0 /24).  Still no luck, thanks.

Please show a picture of the Interfaces on the 'Interfaces' tab.

Cheers - Bob

What/where are the "Baptist Homes" and "Providence Point" subnets?

Cheers - Bob

Baptist Homes is 192.168.1.0 /24 (the UTM is on this subnet), and Providence Point is 192.168.100.0 /24.

gateway on the UTM is the same gateway for the clients that can actually ping the other side?

Where are these subnets?  Is Baptist Homes inside the Ethernet segment that the Internal interface connects to?  Is Providence Point behind another router in your network?

Cheers - Bob

I did see where the default gateway was not set for the interface. However, I corrected it, restarted and still no luck.

The Baptist Homes subnet (192.168.1.0 /24) is where the internal interface connects to.  Providence Point (192.168.100.0 /24) is a separate physical location, so yes the two subnets can see each other.

I did see where the default gateway was not set for the interface. However, I corrected it, restarted and still no luck.

The Baptist Homes subnet (192.168.1.0 /24) is where the internal interface connects to.  Providence Point (192.168.100.0 /24) is a separate physical location, so yes the two subnets can see each other.

Obviously this gateway that you set has routes to the other subnet? Have you checked your logs yet lol

Yes, everything else on the network is routed properly.  Which logs should I be looking for? I don't see anything specific to this issue.

Intrusion prevention and firewall are where I'd start.

As a test, I'd add a route on the UTM for your other subnet(s) pointing to your other gateway/router, or maybe even try switching your interface to bridged?

This is a physical UTM appliance, or a vmware/virutal etc?

I went back, cleared my static route, recreated, and it's working.  I may have had the wrong gateway address.

Thank you for all of your help.