My guess is that you haven't configured your router to forward outside connections on port 3389 to your PC's internal IP. That'd be step 3 of 4wd's list:
I've done that, too.
We need a bit more info about your network setup:
What modem/router/hubs/etc, how is it all setup?
If you're running a firewall on the server/host PC, is it configured correctly ?
(I know you said it works from LAN but your rules may be allowing blanket LAN access while still restricting net access.)
Your modem/router, does it have a firewall, (as well as NAT)?
Is it turned on?
Have you created a rule to allow RDP to pass through the firewall?
(My Zyxel has a SPI firewall, so I need to create a rule to allow RDP before it even gets to NAT routing.)
Any firewalls you are running should have a log, (blocked/allowed/attacks/etc), set the firewalls up to report everything then try accessing via RDP.
If you don't get an ACCESS log entry in your software firewall, it will most likely be failing to get through your modem/router. If you have an ACCESS log entry for the modem/router but none for the software firewall then it's failed at NAT.
Another tip, quite a few modem/routers allow IP loopback, (some you can set from the WWW interface, some from telnet, eg. Zyxel), by turning it on it allows you to use the WAN IP to access LAN servers/hosts from within the LAN.
eg. You already know RDP works from another LAN PC by connecting to 192.168.x.x.
By turning IP loopback on, you'd also be able to use your WAN IP, eg. 18.104.22.168. The modem/router seeing this is your
WAN IP will just loop it straight back into your LAN without sending upstream to your ISP. It's a good way to test your server/host programs, I leave it enabled all the time.
This will allow you to test your modem/router firewall/NAT without being dependent on any outside routers/dns/etc.