mtb1996
Explorer
October 16, 2024
Solved

Port forwarding from WAN IP with DHCP to Internal VIP Not Working


Hello All,

I'm new to Fortigate, so be gentle :)

I have a Fortigate 400F that's set up and working, connected to the internet through a cellular router (temporary for now) that gives the fw a dynamic IP on the WAN port.  I want to route https traffic from the WAN port to an internal IP address.  I've followed the admin guide (FortiOS 7.2.10), followed multiple online articles and YouTube tutorials, and although the setup seems very simple and easy to understand, I cannot seem to get it to work.

 

My basic understanding of the process is:

1) Create virtual IP with source address of 0.0.0.0 mapped to my internal ip 10.35.1.11 and select port forwarding of 443.

2) Create firewall policy to accept traffic from WAN interface to Internal Interface, source = any, destination = internal IP, service = https.

 

To rule out my ISP being the problem, I tried to just connect directly to the WAN port with my laptop, set the IP of the WAN interface to a static address, set my laptop to an IP on the same subnet and tested, but it doesn't work.  I feel like I'm missing something really simple here.

Best answer by Toshi_Esumi

3 replies

Toshi_Esumi
SuperUser
October 16, 2024

The destination on the policy has to be the VIP. This example is for central NAT but policy based NAT config should be the same.
https://community.fortinet.com/t5/Cybersecurity-Forum/Creating-a-VIP-on-Fortigate-using-a-Dynamic-IP-address/m-p/234067

Toshi

PRosenlind
Explorer III
October 16, 2024

IIRC, for this to work you also need to set the interface in the VIP.

mtb1996 (Author)
Explorer
October 16, 2024

Thank you both... this worked!  I happened to find a YouTube video that showed the policy mapping to the VIP, which I hadn't done previously.  I had the policy mapped to the IP address of the internal server.  Once I made that change, the mapping worked.  Thank you for your help.