I have never tested whether there is no conflict if the "dynamic dst-nat rule" gets created by endpoint-independent-nat and a manually configured dst-nat rule matching on the same destination address and port exists. So I would suggest you disable the two dst-nat rules, remove the connecti...