Originally Posted by grepmasterd
tcpdump is your friend.
do you see (using tcpdump) the connection attempt on ppp0? if not, then it's not your setup, it's something upstream. if you do, then try tcpdump on ath0 on box 2.
this will let you narrow down where the session is getting rejected.
I can connect to the server in various ways:
1. internet -> ppp0 -> webserver (on box1 - just a temporary server)
2. box1 -> box2 -> webserver (box2)
3. switch computer -> eth1(box2) -> webserver (box2)
4. switch computer -> eth1(box2) -> ath0(box2) -> ath0(box1) -> webserver
Those all work so it seems like the iptables rules need to be adjusted and a upstream issue doesn't exist.