I have a client workstation that is in a private network (172 range) that wants to access my network through my Sidewinder firewall. He gave me his private address. Of course this will not work since it is a private address. He could give me the external interface of his internet-facing firewall, but this would allow everybody in from his LAN or WAN, and of course I do not want that. How do I tie it down to his workstation only?
Do you want this client to have access to your whole internal network? Or just some specific machine on a specific port? If it's the whole network then you should create a VPN for him.
Make a rule on some other port, like 4434, set the source to his external IP, and redirect it to your internal webserver on port 443 (change the redirect port from 0 to 443). Unless someone from his company using that same IP is scanning your external IP for open ports and then trying to connect on them, I don't see how anyone else will use that rule besides him. Then you give him https://x.x.x.x:4434 and he can get to the server on the inside.
You need to create a network object first, bound to your web server. You will then need to create a rule in your firewall. Select the application, source... In destination put the public IP address (you could create an alias), and in the redirect field, specify the network object that you have created (the private IP address of your web server).
I think NAT is supposed to be set to none.
Please let us know if that works.
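
The rule discussed in this thread, modelled in Python as an added illustration (not Sidewinder syntax, and not code from any poster): it shows what the firewall actually sees once the client's own firewall has translated the 172-range source address. All addresses, class names and function names are constructed for the example.

```python
"""Toy model of a source-restricted redirect rule (port 4434 -> internal 443)."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# All addresses below are constructed sample values.
CLIENT_LAN = ip_network("172.16.0.0/12")  # client's private range
CLIENT_NAT_IP = "203.0.113.10"            # external address of the client's firewall
FW_PUBLIC_IP = "198.51.100.5"             # public address on our firewall
WEB_SERVER = ("10.0.0.20", 443)           # internal web server

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

@dataclass(frozen=True)
class RedirectRule:
    source: str        # allowed source network (CIDR)
    destination: str   # public address the client connects to
    dport: int         # port opened on the public address
    redirect: tuple    # (internal address, internal port)

    def apply(self, pkt):
        """Return the redirected packet if the rule matches, else None (dropped)."""
        if (ip_address(pkt.src) in ip_network(self.source)
                and pkt.dst == self.destination and pkt.dport == self.dport):
            return Packet(pkt.src, *self.redirect)
        return None

def client_nat(pkt):
    """The client's firewall rewrites every LAN source to its one external address."""
    if ip_address(pkt.src) in CLIENT_LAN:
        return Packet(CLIENT_NAT_IP, pkt.dst, pkt.dport)
    return pkt

RULE = RedirectRule(f"{CLIENT_NAT_IP}/32", FW_PUBLIC_IP, 4434, WEB_SERVER)

def evaluate(src, dport=4434):
    """Send a packet from src to our public IP and report what the rule does with it."""
    return RULE.apply(client_nat(Packet(src, FW_PUBLIC_IP, dport)))

if __name__ == "__main__":
    # Two workstations on the client's LAN and one unrelated outside host.
    for src in ("172.16.5.20", "172.16.5.99", "192.0.2.77"):
        print(src, "->", evaluate(src))
```

Both workstations on the client's LAN arrive with the same translated source and are redirected to the web server, while the unrelated host is dropped; the rule cannot tell the two workstations apart.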