Hi, I noticed that in the case that the ping works, the source IP address in the tcpdump changes by the time the traffic is exiting the gateway. I suspect that the traffic is actually being SNATed. Is the "public" IP of your network node?

If so, I think it would be useful to see the iptables rules on that host.