We have a PIX515. On the inside is a mail server and clients. We have a dynamic NAT to the outside address, overloaded by a static on port 25 for inbound mail. On the DMZ is a Web server that has a dynamic NAT to the same outside address plus an overloaded static on port 443.
Access from inside to the DMZ is NAT exempt.
I am trying to set DNS rewrite (I assume on the inside/outside dynamic NAT) so that accesses to the DMZ web server from the inside can be made using the external address. But this appears not to work.
Is this because of the multiple overloads, or is there an issue to do with the NAT order, or is it the fact that inside/DMZ traffic is not NATed?
Should I use outbound translates for inside/DMZ traffic?