Okay let me try to explain in laymans terms.
The internet is big complicated mess of numbered IP address's
This is how computers find each other
Back in the day you had one PC and one IP
Then 2 things happened. IP's were running out and people were getting more than one computer.
So private addressing was born. i.e NAT (Network Address translation)
This allowed people to use private subnets and add as many devices as they wanted to it.
This is known as a LAN (Local Area Network)
So the incoming connection from the Inturwebs comes in on a public IP (The Internet) and then your gateway/routing mechanism forwards it on to its privately addressed destination.
So what have we learned? If the port is not already forwarded to the victim box you will need to gain control of the routing hardware.