Centos7 KVM - Firewalld or IPTables?

I need to convert a server to a kvm host. The server is currently hosting web sites which I'll move to one of the vms later on. I have one vm running and I need to forward ports 81/444 to it from the hosts public IP. I have everything but the networking ready and only need to get that bridge working in order to be able to allow public connections to the vms. Each time I get close, the web sites stop working as they cannot reach the database server. Everything I'm reading says use iptables so I'm about ready to do so. I would prefer using firewalld but if that is not possible, iptables is fine by me. Other than ssh, port 80 and 443, there isn't anything else set in firewalld so what I badly need is someone to walk me through this while in chat. I will provide the current firewalld [login to view URL] or the current iptables, which ever we will use. --- Example; NIC0 Connection to LAN NIC1 has public IP x.x.x.24 and alias .25 .26 .27 .28 Internet connections to public IPs are forwarded to correct host based on port. Example shows we create three VMs; [login to view URL], [login to view URL] and [login to view URL] VM 1 Incoming Connections (Where I will eventually move the web sites to) IP x.x.x.24, port tcp 81, forwarded to vm using NAT IP [login to view URL] port 80 IP x.x.x.24, port tcp 444, forwarded to vm using NAT IP [login to view URL] port 443 VM 2 IP x.x.x.25, port tcp 80, forwarded to vm using NAT IP [login to view URL] port 80 IP x.x.x.25, port tcp 443, forwarded to vm using NAT IP [login to view URL] port 443 VM 3 IP x.x.x.26, tcp port 24, forwarded to vm using NAT IP [login to view URL] port 22 IP x.x.x.26, tcp port 80, forwarded to vm using NAT IP [login to view URL] port 80