UTM 9.109. I have a main office with 3 branches. Site-to-site VPN connections are OK. I have a security subnet, say x.x.1.x, that is extended to all 4 locations with a RED tunnel from main to the branches and bridged with br0. Everything works OK.
Apparently, the UTM only supports 1 bridge. So now I have a problem. I have an access control subnet, say x.x.2.x, that needs to be extended to one of the branches. I created a RED tunnel at the branch and at main, NAT the subnet to the external interface on both sides, and created firewall rules to allow all subnets to communicate both ways.
From the branch UTM I can ping the main site interface and any devices on that subnet. But from main, I cannot ping the branch interface. I don't have devices there yet, but a ping to the interface says "destination host unreachable".
The main office has uplink balancing turned on. So is the solution a multipath rule? A static route? If it works in one direction, it seems like I should be able to make it work both ways.