NAT rules are based on source and destination zones, source and
destination addresses, and application service (such as HTTP). Like
security policies, NAT policy rules are compared against incoming
traffic in sequence, and the first rule that matches the traffic
is applied.
As needed, add static routes to the local router so that traffic
to all public addresses is routed to the firewall. You may also
need to add static routes to the receiving interface on the firewall
to route traffic back to the private address.