i have an infrastructure like this:
Router -> Firewall -> Load Balancer -> WebServer -> Backup Server
the infrastructure here is at a minimal. only the servers involved are shown
the router, firewall and load balancer are on one same subnet. (1.x)
The loadBalancer, WebServer are on another subnet. (2.x)
The webServer and Backup Server are on the last subnet, also a private subnet (3.x)
All subnets are using private addressing.
The webserver is able to route out and serve pages because it is routable via the load balancer, which goes to the router. this is done via NAT on the router end.
Now, I have a need to allow my backup server to connect out to the internet to access another off-site backup server.
Rather than just pull a cable to connect to the router, I was wondering if it is possible to make use of iptables on the webserver to route traffic out. I just need to rely on rsync, scp and ssh protocols, but for now i am just testing with all traffic.
I followed this page: http://howtoforge.com/nat_iptables
And I manage to allow 3.x from backupserver to ping 2.x, but not beyond. and strangely i am not able to ping the 2.x interface on the load balancer.
Is it technically even possible to do this?