Brain trust,
I'm struggling with what I would think should be a simple item to get working in m0n0. The concept is to have both a company lan, and a separate lan for guests - where each lan is natting behind different public IP addresses.
I have a /28 public subnet, and one of the IPs is the wan IP (static), then I would like to use another public IP for the guest internet optional interface to nat behind.
I checked 'Enabled advanced outbound nat', created a NAT rule where the wan is the interface, the source is the guest lan/24, and the target is the public IP address I would like to NAT behind. There is a firewall rule in place allowing * traffic on the 'guest lan'.
When configured this way, I am able to ping external websites where I have access to those routers and I can see that the outbound ping is successfully reaching the destination by reviewing the logs. These logs also reflect that I am indeed sending the ICMP request via the public IP address used in the target field in the advanced outbound nat for that guest lan. The problem is I am not able to receive the responses.
A quick review of the firewall logs shows that there are dropped packets coming from 0.0.0.0.
So, it seems the outbound nat is one way, and I am not able to receive anything as there doesn't appear to be anything telling the m0n0 how to route the packets back to the guest lan.
I have seen a few postings on the forum that are similar to this – but none of them were resolved.
Any insight from the brain trust here would be most appreciated.
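As an added illustration (not m0n0wall's code and not the poster's actual configuration), here is a small Python model of what the return path of an outbound NAT mapping depends on: the reply must arrive at a WAN address the firewall actually accepts frames for, and it must match the state the outbound packet created. All addresses are constructed samples, since the post only mentions a /28, a static WAN IP and a guest /24.

```python
import ipaddress

# Constructed sample addresses; none of these are the poster's real values.
PUBLIC_NET = ipaddress.ip_network("203.0.113.16/28")
WAN_IP = ipaddress.ip_address("203.0.113.17")
GUEST_NAT_IP = ipaddress.ip_address("203.0.113.18")  # target of the outbound NAT rule
GUEST_LAN = ipaddress.ip_network("192.168.50.0/24")


class OutboundNat:
    """Toy model of advanced outbound NAT plus the return path. A reply reaches
    the guest host only if the box accepts frames for the NAT target on WAN
    and the reply matches a state created by the outbound packet."""

    def __init__(self, rules, owned_wan_ips):
        self.rules = rules                 # [(source_net, nat_ip)]
        self.owned = set(owned_wan_ips)    # WAN addresses this box answers for
        self.states = {}                   # (nat_ip, remote) -> guest src

    def outbound(self, src, dst):
        """Translate a packet leaving toward the Internet."""
        src_ip = ipaddress.ip_address(src)
        for net, nat_ip in self.rules:
            if src_ip in net:
                self.states[(str(nat_ip), dst)] = src
                return str(nat_ip), dst
        return src, dst  # no rule matched: leaves untranslated

    def inbound(self, src, dst):
        """Handle a reply arriving on WAN; None means it was dropped."""
        if ipaddress.ip_address(dst) not in self.owned:
            return None  # frame never reaches the NAT engine
        guest = self.states.get((dst, src))
        if guest is None:
            return None  # no matching state
        return src, guest


def check_nat_target(nat_ip, public_net, wan_ip):
    """Basic sanity checks on the chosen NAT target address."""
    problems = []
    if nat_ip not in public_net:
        problems.append("target outside the public /28")
    if nat_ip == wan_ip:
        problems.append("target is the WAN IP itself")
    if nat_ip in (public_net.network_address, public_net.broadcast_address):
        problems.append("target is the network or broadcast address")
    return problems
```

In the model, a box that answers only for its WAN IP drops every reply addressed to the extra NAT target, even when the outbound translation itself worked.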