I’ve got a UDM Pro that has several networks. All are supposed to have access to the internet. The default network has no issues, but one of the networks has some devices (thermostats) that are not reaching their cloud services. Other devices are reaching out just fine. I’m not seeing anything in the Net Flow section — or in any other part of the logs, as far as I can tell.
On a similar note, I have another network that is configured as a guest network, and no devices appear to be able to get out on it. We haven’t routed traffic to it, yet, so it’s not a big issue, other than I can’t see rules triggering that they were blocking traffic.
I’m used to the pfSense logs being very good to help troubleshoot traffic that is being blocked by a rule, but I don’t know where to look on the UniFi setup.
What are some good ways to diagnose these types of issues?
Maybe you can make it log to a remote syslog (e.g. in the UniFi Network / controller application) and get more information from there. Using Wireshark to see what is happening on both sides of the firewall when you trace or ping also helps.
Thanks. I think my frustration is not knowing where to look to see what rule is blocking the traffic. In pfSense, this was easy. Pings and https are getting through, but evidently some of these devices are talking home on a non-standard port. Since these are wireless devices, I’m not sure how to do a Wireshark capture on it. I’ve configured port mirroring for wired devices and captured that with Wireshark, but I don’t know where to start with these wireless devices.
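An added example, not part of the thread: once the gateway forwards its logs to a remote syslog server as suggested above, a short script can group the blocked flows by rule prefix, source and destination port, which exposes a device calling home on a non-standard port. It assumes the firewall lines arrive in the standard Linux netfilter LOG format (`IN= OUT= SRC= DST= PROTO= DPT=`) and that logging is enabled on the relevant rules; the rule prefixes, interface names and addresses in the sample are constructed.

```python
import re
from collections import Counter

# Constructed sample lines in the Linux netfilter LOG format (key=value pairs).
# Rule prefixes, interface names and addresses are made up for illustration.
SAMPLE = """\
<4>Jan 10 12:00:01 gw kernel: [IOT-DROP] IN=br20 OUT=eth8 MAC=aa:bb SRC=192.168.20.31 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51544 DPT=8883 SYN
<4>Jan 10 12:00:04 gw kernel: [IOT-DROP] IN=br20 OUT=eth8 MAC=aa:bb SRC=192.168.20.31 DST=203.0.113.10 LEN=60 TTL=63 PROTO=TCP SPT=51545 DPT=8883 SYN
<4>Jan 10 12:00:09 gw kernel: [GUEST-DROP] IN=br30 OUT=eth8 MAC=cc:dd SRC=192.168.30.7 DST=198.51.100.5 LEN=76 TTL=63 PROTO=UDP SPT=40000 DPT=123
<4>Jan 10 12:00:11 gw kernel: [GUEST-DROP] IN=br30 OUT=eth8 SRC=192.168.30.7 DST=198.51.100.9 LEN=84 TTL=63 PROTO=ICMP TYPE=8 CODE=0
<6>Jan 10 12:00:12 gw dnsmasq[412]: query[A] example.com from 192.168.20.31
"""

# Text between "kernel:" (plus an optional "[uptime]" stamp) and "IN=" is the
# log prefix configured on the rule that matched the packet.
PREFIX_RE = re.compile(r"kernel:\s*(?:\[\s*\d+\.\d+\]\s*)?(.*?)\s*IN=")
KV_RE = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_line(line):
    """Return a dict for a netfilter LOG line, or None for anything else."""
    m = PREFIX_RE.search(line)
    if not m or "SRC=" not in line:
        return None
    rec = dict(KV_RE.findall(line))
    rec["PREFIX"] = m.group(1)
    return rec

def summarize(text):
    """Count logged packets per (rule prefix, source, protocol, dest port)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec:
            # ICMP has no ports, so DPT is absent there.
            key = (rec["PREFIX"], rec["SRC"], rec.get("PROTO"), rec.get("DPT", "-"))
            counts[key] += 1
    return counts

if __name__ == "__main__":
    for (prefix, src, proto, dpt), n in summarize(SAMPLE).most_common():
        print(f"{n:3d}  {prefix:14s} {src:15s} {proto}/{dpt}")
```

Feed it the file the syslog server writes instead of `SAMPLE`; repeated hits from one source to the same destination port point at the rule prefix to review.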