I have a router which is connected to a firewall. Here is where I want the NAT and VPNs to terminate. I am having trouble figuring out how to set this up.
If I have NAT at the firewall then information has to get from the router to the firewall for the NAT translation. Does this mean I have to have public IPs between the router and the firewall?
I have 5 IP addresses to work with from my carrier but I don't want to hastily use them. How can I get information to get passed from the router to the firewall and how should I address?
Internet ---> (public IP) router (private IP) ------- (private IP) Firewall doing NAT and terminating VPNs (private IP) ------ LAN
Is there a way to successfully set up the above schema? If I can do that, then I will have IP addresses left over to do a static NAT for my email server. That way, I can do PAT with one address for all traffic except the mail server traffic, which will have a static NAT translation to a second public address.
I guess if I can't do that, then I can subnet my block of 5 addresses so my outer address is configured as a point to point with my gateway address at my carrier and then use the other addresses as a point to point subnet between my router and firewall using the rest of the public addresses.
Then the MX record would reflect my outer address of my firewall, right? Then I wouldn't have any addresses left to be able to create a static NAT for my email server though. (I would use all of them creating the public point to point between my router and firewall and so all traffic from the inside would have to be translated using just one public address).
Still confused at how to proceed.
Help greatly appreciated. Thank you.