routing question

[nikkon]

Hi all,
I got stuck with the following situation:
I have a few vlans and several networks.
2 networks have a problem:
network 1 -> 172.16.10.0/24 with x clients - no VLAN
network 2 -> 172.16.20.0/29 with only 2 clients - VLAN10
now this 2 networks intersect in my storage (TrueNAS) where I have 1 interface linked to network 1 and the second interface linked to network 2:
jail 1 -> connects to the non-vlan network and gets DHCP (172.16.10.11)
jail 2 -> connects to Vlan10 and gets DHCP (172.16.20.3)

now the problem is: VLAN10 network uses an openVPN gateway (SurfShark) to reach internet.
I need to make the 2 jails talk to each other by preventing 172.16.20.3 to use default gateway as internet gateway.

ping from 172.16.10.11 to 172.16.20.3 works
ping from 172.16.20.3 to 172.16.10.1 (gateway) works but it doesn't with 172.16.20.3.

what am i missing?
can be the switch port? network 2 binds to a tagged switch port. I think is blocked at the firewall level

thank you

[nikkon]

forgot 1 thing:
on both interfaces I have a rule that allows traffic from 172.16.10.11/24 to 172.16.20.3/29 and vice versa via the default gateway.

[nikkon]

problem fix.
I was missing the out rules on each interface.
thanks - this thread can be closed