Hi anav,
It really boils down to those 2 forwarding clauses I described above. The rest works without any quirks.
All users in network 172.16.10.0/24 can reach everything in network 192.168.0.0/23.
Nobody from network 192.168.0.0/23 can reach the printer 172.16.10.93, unless I add the srcnat rule.
There are several working forward rules in the configuration that are analogous to the non working rule.
That puzzles me a lot.
Best regards,
Peter