Hello, I'm working with a new SA520 appliance and may be running into a design limitation. We are replacing our RV042 with this device and are not able to configure one-to-one NAT's in order to publish various internal systems to the internet for mail delivery, ftp and rdp access. As I'm reading the documentation, it appears that the only place to publish servers to the public IP's is in the DMZ. It this true? In other words, is it not possible to publish private systems via NAT from the LAN zone?