Only incoming matters. Outgoing just plain doesn't matter. It works for any protocol, any port, so long as your ISP hasn't disabled anything (which is rare, if it still happens at all). The server's outgoing packets still go through the same port as the incoming packets are received, but they are sent to ports on the client that are picked randomly at runtime. It's not as complicated as it sounds, really. Connections are stored basically as tuples, where they're (IP address, port), and you can send to that port without doing any NAT stuff.Light wrote: It sounds as if you've pointed your outgoing to the VM rather than incoming. If you want to connect locally, you'll probably have to do both, though depending on the setup of your router, you may only need the incoming connection pointed to it.
So a client->server connection could be Client(188.8.131.52, 45037)->(21.435.12.32, 4534), and the reciprocal server-> connection is obviously: Server(21.435.12.32, 4534)->Client(184.108.40.206, 45037)
All that is probably more information than you need, but if it helps to see how the connections are actually connected, there it is.
Receiving, or incoming, that's where the NAT stuff has to be done. That's where the server port has to be routed from the router to the PC, then from the PC to the VM.
Again, outgoing routing doesn't matter even a little bit.