UNMS - Connecting Devices in Private IP Range


In this article we will explain what is required for NAT when a device inside your network has issues connecting to UNMS when an FQDN is being used.

Table of Contents

  1. Introduction
  2. Network Diagram
  3. Setting the NAT
  4. Related Articles


Back to Top

Sometimes you may feel forced to rewrite the FQDN in your generic UNMS key with an IP address, in order to connect a device inside your network to UNMS. In this situation, it is often useful to check if there is a correct source NAT set on your gateway. In this article, we will explain what is going on and how to fix the situation. 

Network Diagram


Back to Top


Setting the NAT

Back to Top

In the schema above, the domain myunms.com is set up on and there is a redirect on the gateway from to If the address myunms.com is opened from the airMAX device it will not work.

The reason for that is that airMAX device asked DNS to translate myunms.com and it received the public address When the first packet is sent there the gateway router (EdgeRouter 4 in this example) it intercepts the packet and rewrites the destination IP to (UNMS server). The UNMS server gets the packet and it replies with ACK packet (acknowledges the connection) which travels to a sender address - (airMAX device). But the airMAX device sent a request to the server and that server never answered, so that connection eventually times out. Instead, airMAX device receives ACK packet from, which the airMAX device never tried to contact so that packet is discarded. 

The solution to this issue is to add a rule to the gateway which will NAT all packets going to Here is a guide how to setup Hairpin NAT on the EdgeRouter.

Related Articles

Back to Top

EdgeRouter - Add source NAT rules

Was this article helpful?
3 out of 10 found this helpful
Can't find what you're looking for?
Visit our worldwide community of Ubiquiti experts for more answers
Visit the Ubiquiti Community