I tried your suggestion and the result is the same - 443 not opened. Further, I am concerned that this rule then allows any and all inbound traffic to be forwarded to this one machine. Doesn’t make sense to me.
Ah gotcha. Yes, port forwarding is not directly created within the fw rule and will need to be done separate. Sounds like everything is working as expected?
Essentially port forwarding is to map the ports and fw is needed to allow open those ports for inbound access, assuming you have a default deny rule for all ports.
Sounds like an opportunity for a feature request! Adding a port forwarding rule should automatically create the necessary inbound access rule. Is there ever a case where you would want a port forwarding rule, but not a firewall rule to allow it?