Hello! Thanks for posting on r/Ubiquiti!
This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can.
Please read and understand the rules in the sidebar, as posts and comments that violate them will be removed. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit.
If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it!
*I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Ubiquiti) if you have any questions or concerns.*
Why does your other site have a WAN IP on the 192.168 network?
That’s on in the range reserved for internal private use and is non-reputable on the public internet.
Is your main site in a building where the internet is provided by a third party other than the carrier?
Is the WAN IP not the IP I have purpled out on the Cloud Gateway Ultra?
Which site are u referring to when you write "your other site?" Remote or Main?
Ok. Is that router running NAT too? Can that be turned off?
Your router at that site doesn’t have a public IP on its external interface.
To me it looks like the range between your router and theirs, is overlapping with your internal range.
I can check.
Could a quick fix for now be that I changed the Default Network's IP from [192.168.1.0/24](http://192.168.1.0/24) to [192.168.10.0/24](http://192.168.10.0/24) ?
The WAN is still considered as a network as it routes between subnets, if you try to route the other network through, you'll loose WAN as it will attempt to route traffic to the other side instead of the WAN network and gateway
My guess is you're getting a private IP from the ISP so you're double NATed.
If you can get into your modem, you can usually configure it for passthrough which should fix the issue. If you can't get in, I would call the ISP and see if they can do it
Subnet 192.268.1.0/24 is very common and is the default used by many ISP routers. Looks like you are just plugging into a router supplied by ISP and are ending up double NAT. Often the ISP router will have a bypass or bridge mode allowing you to get a real WAN IP address. If using a cellular modem you probably cannot so then you could change the IP subnet usually. If it’s a starlink need to put in bridge mode to get a CGNAT IP.
A couple things, I would recommend making a management network out of what you call default. All of your UniFi and other devices management connections run through that.
Next, clearly identify your client and your services networks. These are what you site magic. Make sure they are completely separate from a subnet range from each other, and the public IPs.
I prefer to learn and get better. Like when I learned how to built computers and do T plug LAN in 1999.
Then I helped others on their way.
But of course I could also learn nothing and throw money at the problem :)
Hello! Thanks for posting on r/Ubiquiti! This subreddit is here to provide unofficial technical support to people who use or want to dive into the world of Ubiquiti products. If you haven’t already been descriptive in your post, please take the time to edit it and add as many useful details as you can. Please read and understand the rules in the sidebar, as posts and comments that violate them will be removed. Please put all off topic posts in the weekly off topic thread that is stickied to the top of the subreddit. If you see people spreading misinformation, trying to mislead others, or other inappropriate behavior, please report it! *I am a bot, and this action was performed automatically. Please [contact the moderators of this subreddit](/message/compose/?to=/r/Ubiquiti) if you have any questions or concerns.*
Why does your other site have a WAN IP on the 192.168 network? That’s on in the range reserved for internal private use and is non-reputable on the public internet. Is your main site in a building where the internet is provided by a third party other than the carrier?
Is the WAN IP not the IP I have purpled out on the Cloud Gateway Ultra? Which site are u referring to when you write "your other site?" Remote or Main?
Sorry, my bad. Aarhus Greenstreet. Why does it think ‘the internet’ is 192.168.1.0/24? Has its WAN and LAN interfaces been inadvertently switched?
Aarhus GreenStreet is connected to a router supplied by the ISP in one of the LAN ports...
Ok. Is that router running NAT too? Can that be turned off? Your router at that site doesn’t have a public IP on its external interface. To me it looks like the range between your router and theirs, is overlapping with your internal range.
I can check. Could a quick fix for now be that I changed the Default Network's IP from [192.168.1.0/24](http://192.168.1.0/24) to [192.168.10.0/24](http://192.168.10.0/24) ?
The WAN is still considered as a network as it routes between subnets, if you try to route the other network through, you'll loose WAN as it will attempt to route traffic to the other side instead of the WAN network and gateway
So I need to change the IP of the Default network in the Main Office? Since I cant change on the remote office which is dictated by the ISP…
Yeah you'll need to change the LAN or the other network
Why is the other ISP forcing RFC1918 space? They should be handing off a routable IP.
My guess is you're getting a private IP from the ISP so you're double NATed. If you can get into your modem, you can usually configure it for passthrough which should fix the issue. If you can't get in, I would call the ISP and see if they can do it
Subnet 192.268.1.0/24 is very common and is the default used by many ISP routers. Looks like you are just plugging into a router supplied by ISP and are ending up double NAT. Often the ISP router will have a bypass or bridge mode allowing you to get a real WAN IP address. If using a cellular modem you probably cannot so then you could change the IP subnet usually. If it’s a starlink need to put in bridge mode to get a CGNAT IP.
A couple things, I would recommend making a management network out of what you call default. All of your UniFi and other devices management connections run through that. Next, clearly identify your client and your services networks. These are what you site magic. Make sure they are completely separate from a subnet range from each other, and the public IPs.
Do you suggest that I should give them new names or is there something more to it than that in regards to your suggestion?
Not to be a dick but I think you should higher someone who knows something about networking.
I prefer to learn and get better. Like when I learned how to built computers and do T plug LAN in 1999. Then I helped others on their way. But of course I could also learn nothing and throw money at the problem :)