VLAN And NAT - Can't seem to get the rule right in 3.x

I have this working fine on a box running 2.9.39. Basically we have a single interface with multiple VLAN interfaces enabled on it. VLAN 1 is connected to another network where we monitor the switches. We have an address (10.1.x.x) on that subnet. In the 2.9.39 box, I have a masquerade rule set so that if it is coming from our admin network 192.168.1.0/24, and a destination of 10.1.0.0/16, masquerade the connection. It works perfectly.

When I duplicate the configuration on a 3.15 box, I can see the packets come into the router, but I can’t seem to get it caught by the masquerade rule. I see the packets going through with a log firewall rule, but the counters never increment on the Masquerade rule, and the traffic never seems to make it back to me.

Am I missing something new in 3.x? I do have Connection tracking disabled due to some issues we had with SIP services. Is that a requirement of Masquerade?

Thanks for the time.


Dan

NAT uses connection tracking. You must enable connection-tracking for it to work.