Routing of RED Network through IPSEC Tunnel

Question

Hello Community 
 
 I have a little routing problem I don't really understand. The Route should be like that 
 Please dont ask why or tell me to directly connect the UTMs. Thats out of the question in this scenario: 
 
 For this example lets say (IF = Interface): RED Network is 192.168.0.0/24 (Gateway 192.168.0.1) local Network on UTM 1 is 192.168.1.0/24 (Gateway 192.168.1.1 | UTM IF 192.168.1.2) local Network on UTM 2 is 192.168.2.0/24 (Gateway 192.168.2.1 and its the UTM IF) 
 The Route should be RED Gateway IF on UTM1 -> local IF on UTM 1 -> Gateway of that Network -> UTM 2 local Network (via IPsec Tunnel) 
 Or with IPs 192.168.0.1 (RED IF)-> 192.168.1.2 (UTM1 IF)-> 192.168.1.1 (Gateway) -> 192.168.2.1 (UTM2 IF) 
 
 Problem is: even though is set the Firewall rules on UTM 1 to allow any Port from 192.168.0.0/24 to 192.168.1.0/24 and back the Red network cant even communicate with UTM1 IF. So I guess I don't really understand how UTM Routing works. I thought the RED just works as a logical IF of the UTM?

DKKDG · Accepted Answer

Hi David Do Van, 
 you have two ways to solve this. 
 First make a SNAT Rule if your IPSec does not use strict routing. 
 Original Source: RED Network Service: any or a desired group of services 
 Destination: Destination Network 
 NAT Source: On IP Adress of the network already in use of the IPSec tunnel or the interface address of it. NAT Service: leave it blank 
 The second way is to add the RED network in the IPSec tunnel. 
 In both ways if automatic rule not ticked you have to create it on yourself. 
 Best Regards DKKDG