Personal webserver

AT&T's Gateways have a one-IP-per-MAC address issue.  Since your "public" server is a guest OS on a machine that has a private address, the Gateway is having trouble routing to the public address if it's using the same MAC.  Most VM software will allow you to create a unique MAC address for your guest VM.  See if that will correct your issue.

(This is assuming that the Public Subnet is set up in the Gateway and otherwise works).

Thank you JefferMC. I tried that and generated a new MAC address (using VirtualBox, so that was easy). Still no go. I have attached my appropriate router configuration screenshots below, if that is easier. Public subnet rule list wants me to keep the "inbound traffic" off, which I assume is for stricter security.

That looks correct.  You could try temporarily enabling "Allow Inbound Traffic" instead of the "Public Subnet Rule List" to see if that fixes the issue but I have my doubts.

Sorry, that did not work either. Do I need "IP Passthrough" and/or making the host server also have a public IP? Just thinking out loud. I was thinking this is a pretty standard use case for anyone hosting a simple webserver, isn't that the case?

Using IP Passthrough is an issue separate from the Public Static network and I don't think it will help you.  It's job is to affect routing for the Public Dynamic address.

Ok, is this a standard setup that you have seen and should it work as I am expecting or I am missing something?

Virtual Machines / Containers are always more of a challenge to get right than a simple host interface.  I don't know of anyone successfully getting your particular configuration to work.  Independent hosts, yes.

If you don't want to use your Public Addresses elsewhere else, you could possibly consider configuring the Gateway to make your PC the Cascaded Router instead of using the Public Subnet configuration.  You would want to reverse the virtual MAC you set up so that the traffic goes through the PC's primary MAC.  Then your PC's VM software can take care of the routing.  (1) I'm not 100% sure this should work, and (2) it exposes your PC to all the traffic the Internet may send to any of your Public Subnet IPs.

If you haven't already, before you try this, try a Factory Reset of your Gateway.  Keep in mind you'll have to redo the entire configuration (including any Wi-Fi setup and the Public Subnet info)

Ok thank you for the detailed reply. I am going to try and expose the webserver in physical host with a public IP, keep the VM shut off and see if that works. I haven’t done any major changes in the router/gateway other than some static IPs and couple of these public subnet related settings, so don’t think resetting is going to help much. Will report back with findings.

I haven't got a chance to setup the host with static IP. Meanwhile, I came across this article on AT&T support: About Static IP Addresses - AT&T Internet Customer Support (att.com) Sounds like, for existing 5 static IPs that I can use out of 8, I need to get in touch with Support to get my equipment configured?

From your screenshot above, it looks like the on-Gateway work has been done.  There is network work that has to be done to route the Public Static Subnet to your Router and that may not have been done correctly.  You probably should contact AT&T, but I wish you the best of luck getting to someone who understands what you're asking.