Hey Team,
So my setup is as follows. The issue is that I can only get to my Unifi device over the internet on the Unifi UI website, and I can't access it locally.
Internet > Fortinet WAN
Two networks on two interfaces 172.16.1.0 and 192.168.1.0
Fortinet's UI is 172.16.1.99
172.16.1.0 is a virtual switch to my IT gear and network
192.168.1.0 is for my family and runs a unifi gateway which then runs their network via DHCP
The Unifi gets a DHCP Address and detects the internet on 192.168.1.112
The Unifi then runs its own internal network 192.168.0.1 which is also the Unifi's UI IP
It then translates via NAT to the fortinet on 192.168.1.112 for internet access
It is an odd setup, and yes, I know a Unifi gateway wasn't meant for this purpose, but it works for me and makes my family's access point easy to control and network.
So the issue is, 172.16.1.0 cannot talk to the Unifi's little internal network 192.168.0.1 to access the UI over the LAN. I can only access it over the internet, as it's added as a gateway on the Unifi UI website.
If you're coming to the Unifi mgmt IP 192.168.0.1 from what is essentially WAN-side from its POV, I would imagine that it at least by default blocks such access attempts. Otherwise anyone could try connecting to anyone's unifi gateway over the internet. :)
Consider checking for firewall rules on the unifi device blocking such direction of access, or look for options that could be related to management over "WAN".
It's also likely that the FortiGate doesn't know where 192.168.0.0/24 is, because it's not directly connected to it. So you may need to create a static route for it.
192.168.0.0/24 -> via <unifi's IP in the 192.168.1.0 network>.
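
Added example, not part of the thread: a small Python model of this topology that traces a connection from the IT network to the Unifi UI and shows that both points from the reply have to be addressed (the FortiGate route and the Unifi's WAN-side filtering). The interface names, the client address 172.16.1.50, TCP 443 for the UI and the Unifi's default-drop behaviour are assumptions; the allow rule is scoped to the IT subnet only so the management UI is not opened to every WAN-side source.

```python
import ipaddress

# Constructed model of the thread's topology. Interface names, the client
# address and TCP 443 for the Unifi UI are assumptions, not from the thread.
CONNECTED = {
    "172.16.1.0/24": "it_switch",     # IT network (FortiGate UI 172.16.1.99)
    "192.168.1.0/24": "family_port",  # Unifi WAN side lives here (.112)
    "0.0.0.0/0": "wan",               # default route to the internet
}
STATIC = {"192.168.0.0/24": "family_port via 192.168.1.112"}
# Narrow allow: only the IT subnet may reach the management UI.
ALLOW_IT = {"src": "172.16.1.0/24", "dst": "192.168.0.1", "port": 443}


def lookup(table, dst):
    """Longest-prefix match, the way a router picks an egress for dst."""
    addr = ipaddress.ip_address(dst)
    nets = [ipaddress.ip_network(p) for p in table]
    hits = [n for n in nets if addr in n]
    if not hits:
        return None
    return table[str(max(hits, key=lambda n: n.prefixlen))]


def unifi_wan_side_filter(src, dst, port, allow_rules):
    """Assumed behaviour: drop WAN-side traffic unless a rule allows it."""
    for r in allow_rules:
        if (ipaddress.ip_address(src) in ipaddress.ip_network(r["src"])
                and dst == r["dst"] and port == r["port"]):
            return True
    return False


def reach_ui(src, routes, allow_rules, dst="192.168.0.1", port=443):
    """Trace one connection attempt from src to the Unifi UI."""
    egress = lookup(routes, dst)
    if egress is None or not egress.startswith("family_port"):
        return f"misrouted: FortiGate egress is {egress}"
    if not unifi_wan_side_filter(src, dst, port, allow_rules):
        return "dropped: Unifi WAN-side filter"
    return "ok"


if __name__ == "__main__":
    fixed = {**CONNECTED, **STATIC}
    print(reach_ui("172.16.1.50", CONNECTED, []))       # route missing
    print(reach_ui("172.16.1.50", fixed, []))           # route ok, Unifi drops
    print(reach_ui("172.16.1.50", fixed, [ALLOW_IT]))   # both fixes in place
    print(reach_ui("192.168.1.77", fixed, [ALLOW_IT]))  # other sources stay out
```

The model leaves out the FortiGate firewall policy between the two interfaces and assumes that policy does not NAT, so the Unifi sees the original 172.16.1.x source address.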
 
					
				
				
			
		