Packet Filter log shows the following (With x's substituted):
SSH connection attempt TCP 120.138.22.x:55703 → 210.48.13.x:22
I believe this "SSH connection attempt" is related to a Brute Force prevention system. However i can't find any mention of this in Astaro's control panel and this is blocking access to all internal hosts from all (Tested) external hosts.
Specific setup has internal host (172.30.10.20) Masquerading behind an "Additional" external IP (210.48.x.x). All traffic for this external IP is DNATed to the internal host.
Packet Filter rules are set giving services I wish to allow (In this case SSH and HTTP) access from the internet directly to the internal host. HTTP is working as expected.
For troubleshooting I have also created an allow "Any Any SSH" rule, disabled IPS and Intrusion Anti-Portscan as well as creating a straight DNAT rule to exclude the Additonal IP as the cause. I have also rebooted.
