Ok, I dumbed this down for a test, and still fail. Have just a default gateway set on the eth1 network, no other routes. Still absolutely can't reach the IP of eth1 from a client in the network connected to eth0, *unless* I bring eth0 down, then it starts working immediately. Obviously, my SLES12SP3(OES2018SP1) box totally refuses to reply to packets coming in to eth1 from an IP in the network eth0 is connected to. Neither via local routing (which is what sles11 does), nor via the gateway connecting the two networks.

My assumption is now some sysctl / security setting, but so far can't find anything.

Ideas?

CU,
Massimo