Step 1: Log into your SOPHOS UTM 9 appliance and go to "Definitions & Users"
Step 2: Click on "Network Definitions"
Step 3: Click "New Network Definition..." and create a "Host" for the computer you would like to Remote into by it's IP Address.
NOTE: Ensure that the "interface" is set to Internal
Step 4: Click on "Service Definitions" and add a "New Service Definition..."
Step 5: Here is where you specify the external Port for your connection
Step 6: Here is where you specify the internal Port of your connection (Port 3389 is the standard for Microsoft RDP)
NOTE: Your source Port needs to be the same as the Destination Port of Step 5
Step 7: Here is where you'll go to create the actual firewall rule. Go to "Network Protection" and click "NAT"
Step 8: Select "NAT"
Step 9: Click add "New NAT Rule..." at the top
Using service: This is the first service rule you created in "Step 5"
Change the destination to: This is the host you created in "Step 3"
And the service to: This is the second service rule you created in "Step 6"
Automatic firewall rule: This automatically creates a firewall rule to allow your RDP connection through