How to configure hairpining

Bugs
,
7

You set Masquerade on SNAT . my question is where is the public IP means what public IP server will take to go outside because usually we mentioned translation address “PUBLIC IP“ and you mentioned masquerade

my another question is are you able to access server from outside when you mentioned eth1 on DNAT and SNAT rule because its your LAN interface as you mentioned

when i try to replace eth1 with eth2(MY LAN) iam unable to access(Remote) my server but when i place eth1 iam able to access.

for your reference below are my config: -

set firewall ipv4 name FIREWALL_IN rule 30 action ‘accept’
set firewall ipv4 name FIREWALL_IN rule 30 description ‘RDP Access’
set firewall ipv4 name FIREWALL_IN rule 30 destination address ‘192.168.10.10’
set firewall ipv4 name FIREWALL_IN rule 30 destination port ‘3389’
set firewall ipv4 name FIREWALL_IN rule 30 log
set firewall ipv4 name FIREWALL_IN rule 30 protocol ‘tcp’
set firewall ipv4 name FIREWALL_IN rule 30 source geoip country-code ‘in’
set nat destination rule 30 description ‘DNAT for RDP’
set nat destination rule 30 destination address ‘103.117.156.127’
set nat destination rule 30 destination port ‘9296’
set nat destination rule 30 inbound-interface name ‘eth2’
set nat destination rule 30 protocol ‘tcp’
set nat destination rule 30 translation address ‘192.168.10.10’
set nat destination rule 30 translation port ‘3389’
set nat source rule 30 description ‘SNAT for server’
set nat source rule 30 destination address ‘192.168.10.10’
set nat source rule 30 destination port ‘3389’
set nat source rule 30 outbound-interface name ‘eth2’
set nat source rule 30 protocol ‘tcp’
set nat source rule 30 source address ‘192.168.10.0/24’
set nat source rule 30 translation address ‘masquerade’

still iam unable to access my server via configuring above command

you mentioned private IP and ports on SNAT . i didn’t understand why its required ??