Can't access local subnet from another machine

Hi,

By following this guide:
Subnet routers and traffic relay nodes
I have created a subnet in machine A (192.168.8.0/24)
using this command:

sudo tailscale up --accept-routes --advertise-routes=192.168.8.0/24

and I have accepted the Subnet routes on Machine B successfully.

When I try to ping one of the machines on subnet A (192.168.8.21) from machine B, I get this error:

92 bytes from 100.88.185.98: Communication prohibited by filter


The current workaround is to disable the firewalls on machine A.

Is there a way to fix it without disabling firewalld?

I managed to solve it by doing:

firewall-cmd --permanent --add-forward

then restarting everything.

Don’t know if there is another way.
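
An added example (not part of the original posts): a shell check for the subnet-router host that reports which layer is blocking forwarded traffic, instead of turning firewalld off. It assumes the Tailscale interface is named tailscale0 and that the LAN interface name is supplied by the user; `firewall-cmd --add-forward` without `--zone` acts on the default zone and only covers traffic between interfaces in the same zone, which is what the check tests for.

```shell
#!/bin/sh
# Added example: explain why a firewalld host drops subnet-router traffic.
# Assumptions: Tailscale interface is tailscale0; LAN interface name is
# passed on the command line. Only IPv4 forwarding is checked.

# diagnose IP_FORWARD TS_ZONE LAN_ZONE ZONE_FORWARD -> prints one finding
diagnose() {
    ip_forward=$1; ts_zone=$2; lan_zone=$3; zone_forward=$4
    if [ "$ip_forward" != "1" ]; then
        echo "kernel: net.ipv4.ip_forward is off"
    elif [ "$ts_zone" != "$lan_zone" ]; then
        echo "zones differ: $ts_zone vs $lan_zone; --add-forward only covers traffic inside one zone"
    elif [ "$zone_forward" != "yes" ]; then
        echo "fix: firewall-cmd --permanent --zone=$ts_zone --add-forward && firewall-cmd --reload"
    else
        echo "ok: forwarding enabled in zone $ts_zone"
    fi
}

# zone_of IFACE -> zone name; unassigned interfaces fall into the default zone
zone_of() {
    z=$(firewall-cmd --get-zone-of-interface="$1" 2>/dev/null) || z=""
    [ -n "$z" ] || z=$(firewall-cmd --get-default-zone)
    echo "$z"
}

# Live run on the subnet router: sh check.sh --live <lan-iface>
if [ "${1:-}" = "--live" ]; then
    lan_if=${2:?usage: $0 --live <lan-iface>}
    ts_zone=$(zone_of tailscale0)
    lan_zone=$(zone_of "$lan_if")
    # --query-forward prints yes/no and needs a firewalld version with zone forwarding
    fwd=$(firewall-cmd --zone="$ts_zone" --query-forward 2>/dev/null) || fwd=no
    diagnose "$(sysctl -n net.ipv4.ip_forward)" "$ts_zone" "$lan_zone" "$fwd"
fi
```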