Hello,
Source NAT and Port Forwarding rules should suffice. Maybe you could share them (Both SNAT and Port Forwards) so I can take a look?
Also simple topology drawing would be great.
In WebUI you can find:
SNAT in Network > Firewall > Traffic Rules > Source NAT
Port Forward in Network > Firewall > Port Forward
Tinkering with IPTABLES should not be necessary for this
Regards