UDM Pro site-to-site VPN SD-WAN to UCG Ultra works only one way

Hello,

I’m completely desperate with this issue and hoping for some guidance.

I have set up a Ubiquiti Site-to-Site VPN between two locations using Site Magic SD-WAN VPN:

  • Location A: UDM Pro (Subnet: 192.168.5.0/24)
  • Location B: UCG Ultra (Subnet: 192.168.25.0/24)

The VPN establishes successfully, and from Location B, I can ping a NAS at Location A. However, I cannot ping anything at Location B from Location A.

To troubleshoot, I added a third location:

  • Location C: UDM Pro (Subnet: 10.50.202.0/24)

With Location C, I can ping both ways between Location A and Location C, but I still cannot ping Location B from either A or C.

Additional troubleshooting steps I’ve tried:

  • Successfully set up Site-to-Site IPSec, but the issue persists.
  • Added static routes on both sites, but no improvement.
  • Traceroute from NAS (shell) at Location A shows countless hops to B, while the reverse works instantly.

I’m at a loss here—any ideas on what might be causing this asymmetric behavior?

Thanks in advance for your help!
