My nat rules for a IIS web server i run on port 81
NAT
add action=dst-nat chain=dstnat comment=“webserver” dst-port=81 in-interface=ether6-WAN1 log=yes log-prefix=IXAS protocol=tcp to-addresses=10.16.16.4 to-ports=81
Forward Chain
add action=accept chain=forward comment=NAT connection-nat-state=dstnat log=yes log-prefix=DNAT
Works for like a minute or two and then all returing connections from web server to outside client get tag invalid. Look at pic below.
I have a few other nat rules that work flawlessly. Its just the webserver one thats breaking my head. Any help in the right direction will be welcomed.