UDMPro wan to lan firewall rules

slug · November 12, 2021, 3:37pm

Hi guys, I recently decided to upgrade my network from opnsense to unifi so got a UDMPro. I’m having a little trouble with my network and I presume it’s a firewall issue.

My UDM Pro sits behind a Fritz box (to rectified in a couple of weeks), same as my opnsense was. On Fritz I have set a static route to the UDM network and also set it as exposed host so Fritz firewall is not in between.

The problem is my traffic from Fritz (lan and wan) cannot go through. In opnsense I had some nice easy firewall rules that allowed the traffic in. I’m trying to do the same with UDM Pro but with no luck atm.

Fritz network is 192.168.1.x
UDM is 10.0.0.x
UDM wan up is 192.168.1.2 (double NAT)

Any hints on what rules I need to set to the firewall to allow traffic from both internet and 192.168.1.x would be deeply appreciated.

ex1580 · November 13, 2021, 1:54pm

I’m not sure that is really an upgrade but lots of people still do it. With Unifi it’s very important to understand that “in” means traffic coming into an interface and “out” means traffic coming out of an interface. Usually the rules are on the "in " side. The “local” rules are to access the UDM itself. Keep in mind that if you are applying guest policies to your networks it’s going to block private addresses. https://help.ui.com/hc/en-us/articles/115003173168-UniFi-UDM-USG-Introduction-to-Firewall-Rules