For Outbound NAT access Inbound Server the Policy should disable the NAT Policy, Let say is FortiGate by default create the policy the NAT is enabled, you should disable it.
Example:
The WAN to Internal Datacenter policy, NAT enabled or disabled will not affect the NAT access and function.
This is Rules let outbound can access Inbound Synology NAS 5000 Port
When disabled and outbound sign-in to Synology, Synology will show the outbound access IP address so you can log in and know who accesses the server.
But If you enabled the NAT for this rules, All outbound access will NAT to Firewall IP address, then the Synology will not display the correct access IP, because the network address translated (NAT) to Firewall IP.
