We are conducting connectivity testing before migrating to API Gateway v10. Iptables nat tcp 80 to tcp 9080. Firewall rules are allowing the traffic.

When performing curl -v telnet://<internal_Ip>:80, connection times out and no  FW log entries. When performing curl -v telnet://<internal_IP-diff subnet>:80, FW is logging as deny which is correct.

The ip routes look correct

Release : 10.0

Component : API GATEWAY

Gateway the RECEIVED and SEND - iptables

On the SEND there is nothing in the configuration at the OS level or gateway appliance that prevents it from sending on any interface, IP address,  or port 

On RECEIVED

Gateway 10 appliance to allow traffic on lower ports, such as 443 and 80 you need to configure Firewall Rule from policy manger - see link below 

https://techdocs.broadcom.com/us/en/ca-enterprise-software/layer7-api-management/api-gateway/10-0/security-configuration-in-policy-manager/tasks-menu-security-options/manage-listen-ports/manage-firewall-rules.html#concept.dita_fae8acb476cb1a904d88e3b64b70fac489699014_ConfiguringtheGatewayforPorts80and443

The gateway appliance handles IPTABLES at the app level at configuration time and threw policy manager, this include the firewall rules to allow gateway to receive request on lower ports like 80 and 443

Not recommended to run OS level iptable changes this could have adverse and unpredictable affects on functionality