Intercepting MQTT traffic & 'rerouting' to internal host

[cloudz]

I have a water softener that reports its status via unencrypted MQTT to an internet host. The IP adres to the host seems to be hardcoded in the device since it never does a DNS query (that I've seen -- I've been tcpdumping all traffic). I know it communicates to a specific IP, it originates from a specific internal IP on my IoT VLAN and I know the port.

With this knowledge I wrongfully assumed I could port forward port 1833 from my IoT IN interface to my internal MQTT broker by creating a rule in the NAT/Port forward section. I've tried to do this on the IoT & WAN interface without success. I understand it doesn't 'hit' the interface but just passes through it.

Are there other options I can pursue to intercept the traffic between those IP's and divert it to the internal host?