That isn't necessarily 100% definitive mind.
Remember, your new broker is local to your node red install (same situation as you had originally) & therefore it works (LAN is taken out of the scenario)
There could still be a number of factors preventing communication across LAN.
machine 1 could have a simple setting to enable/disable LAN access.
machine 1 might have a firewall and require port 1883 to be open on ETH0 (out whatever interface it uses)
Machine 1 firmware might require update.
Machine 2 firewall might be preventing 1883 outbound
Router might not be permitting port 1883
...
Etc
...
Etc
...
That all said, if you are happy with your current solution then all is well.
