IP Addressing

Yes, you'd have to have the MX pointing to the external IP you have.

If you publish an internal IP globally, nobody will be able to route to your server, you have to publish the external IP..

Really depends quitealot on what you have for your firewall device on the outside doing NAT. There's certainly many other there that will let you have multiple outside public IPs and do the mapping you want to do. Of course, you'd have to have multiple external IPs from your ISP as well.

Thanks for the reply. What i have is a T1 terminating at a router, which is hooked to a firewall that I want to do NAT, which is hooked into the LAN. In the LAN i have a single server. that server is going to be running Exchange for mail. I am given five IP addresses from my carrier. Everything is inside the firewall on the private addressing side of the NAT box.

I am trying to figure out the best way to set this up. I have so far used a single public IP on the public side of my router and all other connections are using private addressing (between the router and the firewall, and the firewall and the inside network).

Do I just make my MX record the public IP on the router's interface and then in my router ACLs allow traffic to come in on port 25?

Thanks.

Doug Mc> >I have an internal server that is going to be hosting an exchange

MX records point to hostnames... A records point to IP addresses.

Point it to whichever hostname that resolves to a public IP by which the mail server is reachable.

What are the IPs you've been allocated, percisely. All public IPs. What are the IPs of the router? What are the other public IPs you've been allocated? VPNs and NAT don't always get along. If you've been allocated inside and outside router IPs and this makes for 5 leftover host addresses, then you can route to the public space and nat the private at the router. Otherwise, you may be forced to nat the public addresses.