Reply
New Member
Posts: 13
Registered: ‎11-14-2017

Static Routing SAVE - FAIL

HI ALL,

 

 

So I created a VLAN on my controller such as:

 

NETWORKS.png

 

I'm looking to give access from the Employee Network, to my internal network. I tried to create a static route via interface, but it's not working. 

 

 

Screen Shot 2018-11-12 at 1.27.26 PM.png

 

 

I realize the idea of a VLAN is exactly for this, but that's what the route is for.

 

TIA.

New Member
Posts: 13
Registered: ‎11-14-2017

Re: Static Routing SAVE - FAIL

I should note, all static routes fail to save.

Regular Member
Posts: 498
Registered: ‎01-28-2016
Kudos: 99
Solutions: 17

Re: Static Routing SAVE - FAIL

Hey @baileyj0611,

 

You don't need to create the route because the router already has an interface (VLAN) with that subnet, so it knows about the network. InterVLAN communication is enabled by default and is only restricted with firewall rules. All of this is assuming that you're using a USG, are you?

 

--

Klint

Primary Innovator at Sprocket Technology
UEWA | Contributor to Easy UBNTUFW Lockdown, Companion API | Host on Vultr
New Member
Posts: 13
Registered: ‎11-14-2017

Re: Static Routing SAVE - FAIL

yes, using USG Pro 4.

 

 

Regular Member
Posts: 498
Registered: ‎01-28-2016
Kudos: 99
Solutions: 17

Re: Static Routing SAVE - FAIL


@baileyj0611 wrote:

yes, using USG Pro 4.

 

 


Great! Then interVLAN traffic should be routed automatically. Again, you can restrict it with firewall rules, see here:

 

https://help.ubnt.com/hc/en-us/articles/115010254227-UniFi-USG-Firewall-How-to-Disable-InterVLAN-Rou...

 

Does that help?

 

--

Klint

Primary Innovator at Sprocket Technology
UEWA | Contributor to Easy UBNTUFW Lockdown, Companion API | Host on Vultr
Ubiquiti Employee
Posts: 1,218
Registered: ‎02-28-2017
Kudos: 360
Solutions: 120

Re: Static Routing SAVE - FAIL

Because all of your networks are corporate, inter-vlan traffic would be allowed by default. Common mistakes that generally result in unsuccessful communication between VLANs are:
1. The end client doesn't have a default gateway configured, or the wrong one.
2. The end client has a host-based firewall (commonly windows firewall) blocking incoming traffic from subnets that differ from its own. 

 

Static routes are only generally used when more than 1 router is involved, just a note for future reference.

Brandon Jaffe | UniFi Routing & Switching | Austin, TX
Reply