Basic configuration Mistake

I have configured a 493G and it is working great for several months, but I just noticed an oddity that I need help resolving. I have a basic NAT’ed configuration where ETH1 has a Public IP and ETH2 has a Private IP of 10.4.3.1, and my firewall has one NAT rule to masquerade. Simple…

The issue I am having is that my server on the ETH2 LAN is IP 10.3.4.2, and all traffic through the router appears as if it is from the gateway address of 10.3.4.1, which was odd. I was thinking I should see the original source address in the server logs and not the router address.

Any assistance is appreciated. I have included a tcpdump log from a remote connection to a MySQL service to show what I mean…

05:46:22.925159 IP 10.3.4.1.55319 > 10.3.4.2.mysql: S 1956689935:1956689935(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK>
05:46:22.925197 IP 10.3.4.2.mysql > 10.3.4.1.55319: S 1504069998:1504069998(0) ack 1956689936 win 5840 <mss 1460,nop,nop,sackOK,nop,wscale 7>
05:46:22.988197 IP 10.3.4.1.55319 > 10.3.4.2.mysql: . ack 1 win 16425
05:46:22.988825 IP 10.3.4.2.mysql > 10.3.4.1.55319: P 1:70(69) ack 1 win 46
05:46:22.988922 IP 10.3.4.2.mysql > 10.3.4.1.55319: F 70:70(0) ack 1 win 46
05:46:23.052082 IP 10.3.4.1.55319 > 10.3.4.2.mysql: . ack 71 win 16407
05:46:23.052417 IP 10.3.4.1.55319 > 10.3.4.2.mysql: F 1:1(0) ack 71 win 16407
05:46:23.052428 IP 10.3.4.2.mysql > 10.3.4.1.55319: . ack 2 win 46

Check your firewall rules - and post if the problem isn’t clear. I suspect that you will find that you are doing a SRC NAT or Masquerade on traffic leaving Eth2.

I did figure this out… I was doing a source NAT masquerade from the LAN to the WAN but neglected to specify the Out Interface on the NAT Rule. Duh…

Original NAT Rule that was broken:

add action=masquerade chain=srcnat disabled=no

Fixed Version of same NAT Rule:

add action=masquerade chain=srcnat disabled=no out-interface=ether1

Sleep seems to solve many issues just like this…
-greg
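As an added example (not code from the thread or from MikroTik), a small Python audit that flags the unscoped srcnat masquerade rule greg describes and confirms the symptom from a tcpdump capture; the export format, the constructed sample lines and the function names are assumptions.

```python
import re
import shlex

# Constructed sample of a RouterOS `/ip firewall nat export`, modelled on the
# broken and fixed rules quoted in the thread (export format is an assumption).
NAT_EXPORT = """\
/ip firewall nat
add action=masquerade chain=srcnat disabled=no
add action=masquerade chain=srcnat disabled=no out-interface=ether1
add action=masquerade chain=srcnat disabled=yes comment="old rule"
"""

# Constructed tcpdump lines in the same shape as the thread's capture.
CAPTURE = """\
05:46:22.925159 IP 10.3.4.1.55319 > 10.3.4.2.mysql: S 1956689935:1956689935(0) win 8192
05:46:22.925197 IP 10.3.4.2.mysql > 10.3.4.1.55319: S 1504069998:1504069998(0) ack 1956689936 win 5840
05:46:40.100000 IP 10.3.4.1.55320 > 10.3.4.2.mysql: S 22:22(0) win 8192
"""

# Any of these keys confines a masquerade rule to WAN-bound traffic.
SCOPE_KEYS = ("out-interface", "out-interface-list", "dst-address", "dst-address-list")

def parse_rule(line):
    """Turn one `add key=value ...` export line into a dict (None for other lines)."""
    tokens = shlex.split(line)
    if not tokens or tokens[0] != "add":
        return None
    return {k: v for k, sep, v in (t.partition("=") for t in tokens[1:]) if sep}

def audit_masquerade(export_text):
    """Line numbers of enabled srcnat masquerade rules with no scope restriction."""
    hits = []
    for no, line in enumerate(export_text.splitlines(), start=1):
        rule = parse_rule(line)
        if not rule or rule.get("chain") != "srcnat" or rule.get("action") != "masquerade":
            continue
        if rule.get("disabled") != "yes" and not any(k in rule for k in SCOPE_KEYS):
            hits.append(no)
    return hits

SYN_RE = re.compile(r"IP (\d+\.\d+\.\d+\.\d+)\.\S+ > (\d+\.\d+\.\d+\.\d+)\.(\S+): S ")

def syn_sources(capture, server_ip, service):
    """Distinct client addresses opening connections to server_ip:service."""
    return {m.group(1) for m in map(SYN_RE.search, capture.splitlines())
            if m and m.group(2) == server_ip and m.group(3) == service}

def hides_clients(capture, server_ip, service, gateway_ip):
    """True when every connection appears to come from the gateway: the thread's symptom."""
    return syn_sources(capture, server_ip, service) == {gateway_ip}
```

Run `audit_masquerade` over a real export after any NAT change; a non-empty result means server logs on the LAN will show the router's address instead of the real client.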