9 Dec
2016
9 Dec
'16
4:48 p.m.
Your JNOS is trying to respond directly to the
incoming connections rather
than traversing an encap tunnel. This will not work as the upstream
hardware does not know about you and your 44net allocation. You receive
packets over the encap bridge but you respond back directly.
As for how to fix it? Dunno. We need to somehow encap
your outgoing default
route for your 44 IP address so that packet response is along the same path
that it came in.
Is that the issue? When I telnet to him from internet I do get "established"
suggesting that something gets back...
But when it is as you write, what you need is "policy routing". that means,
the capability to select a (default) route based on criteria like the source
address (your 44-net address or your public IP address). The first has to go to
amprgw, the second has to go to your ISP.
Does JNOS even offer that? It can be solved with Linux or a sophisticated router
like MikroTik or OpenWRT, but I am not sure a bare JNOS system can do this.
Rob