I have this situation:
192.168.1.2 PC running Remote Desktop Server
192.168.1.1 Gateway A 192.168.224.254
192.168.224.1 Gateway B 10.1.1.224
10.1.1.1 Gateway C x.y.z.n (public IP)
All three gateways have a DST-NAT rule for port 3389 like this:
add chain=dstnat action=dst-nat to-addresses=192.168.224.254 to-ports=0-65535 \
dst-address=10.1.1.224 dst-port=3389 protocol=tcp comment="" disabled=no
If I point to Gateway B from the same LAN using a Remote Desktop client, I can reach the server.
But if I point to Gateway C, I can’t reach it.
Other public IPs of Gateway C point to other services on other PCs, and they work fine.
What am I missing?
Is there a “no more than 2 DST-NAT” rule?