-
Here is the dumps from side A
Here are the dumps from side B
[code]
[root@router ~]# iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 755K packets, 96M bytes)
pkts bytes target prot opt in out source destination
17323 1108K DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:443 to:192.168.10.73:443
713 42632 DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:80 to:192.168.10.37:80
15 960 DNAT tcp -- * * 0.0.0.0/0 my.public.ip tcp dpt:22222 to:192.168.10.20:22
Chain INPUT (policy ACCEPT 141K packets, 12M bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 157K packets, 10M bytes)
pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 39386 packets, 2509K bytes)
pkts bytes target prot opt in out source destination
1031 65951 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol ipsec
1917 122K ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
12592 806K SNAT tcp -- * * 192.168.10.0/24 192.168.10.73 tcp dpt:443 to:192.168.10.1
41 2624 SNAT tcp -- * * 192.168.10.0/24 192.168.10.37 tcp dpt:80 to:192.168.10.1
0 0 SNAT tcp -- * * 192.168.10.0/24 192.168.10.20 tcp dpt:22 to:192.168.10.1
471K 37M MASQUERADE all -- * eno1 0.0.0.0/0 0.0.0.0/0
[/node]
Where my.public.ip is obviously different between site A and B. -