Unfortunately I cannot access your network picture.
But... I'll give it a shot.
I think your server is behind an access point, and you access port 2222 at the access point, which is forwarded to the other machine.
As you use iptables, you have a stateful inspection firewall, which is able to notice which connections are already running and whether an IP packet that leaves the PC through the OUTPUT chain belongs to an allowed connection.
If you are sure that the packet reaches the second machine, maybe you did not allow the second machine to answer.
To prove this we will need the
a) iptables -nvL FORWARD of the first
b) iptables -nvL OUTPUT of the second machine
If you would not like to post those things here, maybe just try the following.
On the second machine add the following rule:
Quote:
iptables -I OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
This will allow all packets related to a granted connection to leave the second PC.
If this does not help, we will need more info. Maybe the first PC does not let some packets through.
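
The check suggested above for the second machine's OUTPUT chain, as an added example that is not part of the original post: it reads rules in `iptables -S OUTPUT` format and reports whether reply packets of an accepted connection can leave. The function name `check_output_chain` and both sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an OUTPUT chain given in `iptables -S OUTPUT` format.
# Prints one of:
#   policy-accept    chain policy is ACCEPT
#   stateful-accept  policy is not ACCEPT, but an ACCEPT rule matches ESTABLISHED
#   replies-blocked  policy is not ACCEPT and no such rule exists
# Limitation: rule order and extra matches (interface, port) are not evaluated.
check_output_chain() {
    awk '
        $1 == "-P" && $2 == "OUTPUT" { policy = $3 }
        $1 == "-A" && $2 == "OUTPUT" && /-j ACCEPT/ {
            # Accept both the state match and the newer conntrack match.
            if ($0 ~ /--(state|ctstate) [A-Z,]*ESTABLISHED/) stateful = 1
        }
        END {
            if (policy == "ACCEPT") print "policy-accept"
            else if (stateful)      print "stateful-accept"
            else                    print "replies-blocked"
        }'
}

# Constructed sample: default-deny OUTPUT without a state rule.
SAMPLE_BLOCKED='-P OUTPUT DROP
-A OUTPUT -o lo -j ACCEPT'

# Constructed sample: the same chain after inserting the rule from the post.
SAMPLE_FIXED='-P OUTPUT DROP
-A OUTPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT'

printf '%s\n' "$SAMPLE_BLOCKED" | check_output_chain
printf '%s\n' "$SAMPLE_FIXED"   | check_output_chain

# On the real machine (as root): iptables -S OUTPUT | check_output_chain
```

A `replies-blocked` result matches the situation the post describes: the forwarded packet arrives, but the answer is not allowed out.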