[zerostar]

Not sure if anyone is familiar with watch-guard products... but here is my dilemma...

We have setup a firebox X500 as a nat/firewall, we have a few external IPs and those are setup to point to out mail server, ftp server & a terminal server.

When outside the network, mail on mail.ourdomain.com points correctly, I can use the imap, outlook webmail, the ftp server and the terminal all using external IPs.

When inside the network I can't get to anything with external IPs or the mail.ourdomain.com. I can get to it with the internal IP just fine.

The main problem right now is laptops/cell phones when they are on ethernet/wifi internally the mail is set to mail.ourdomain.com

How can I make this work going out to the internet and back in to the correct box? What are my options? We are running DHCP and DNS on a Win 2K3 SBS Box.

Thank you!

[tridentinecanon]

Can you access the site (externally) via kproxy.com?

[dimmer]

The most common way to handle this is via split-horizon DNS: which (basically) means that your DNS server understands the difference between internal and external client addresses and responds appropriately to the client with regards to it's origin IP. I'd suggest looking into that first, as there's no reason for your internal traffic to be hitting the firewall at all.

Alternatively, you could try mapping the ports on the firewall so that internal traffic heading for the "external" address gets rerouted to the correct internal addresses -- that's (IMHO) more cumbersome and difficult to troubleshoot, if you can even get it to work.