I'm back with more troubleshooting, and the Mikrotik does seem to play a role here.
I hooked back up the Cisco router, and put the troublesome server on it's DMZ (because I wasn't sure how to do a DMZ rule on the Mikrotik), and the connections from the applications were being established. However, I didn't see any additional ports connecting besides those that I have the dst-nat rules for. Can we definitely say now that the Mikrotik is at fault here?
Perhaps there's double Natting going on here? Anyone familiar with WIN 2016 that knows if there's more Natting going on?
Maybe someone can guide me to isolate this issue by creating a my liberal rule for this source IP only, and go from there.
Just a side note, after hooking back up the Mikrotik, I created a "input -> SourceIP - ether1, action accept" priority 2, and a saw traffic pass through that rule, but din't help me. However, I since deleted that rule, but now traffic to my dst-nat rule ports are being dropped from this SourceIP. I see it in the logs as "No Destination". I'm hoping that a router restart will fix this, but I cannot do it now while there is other activity going on, I'll have to wait until the morning. - Any suggestions, is this normal?