We have been agonising over this configuration for some time now; hoping someone can point out where we're going wrong.
We need to make our Exchange Server public. I have attached a basic diagram of what we're doing.
In words: on the outside we have a Netgear router. Between the Netgear router and the LAN we have a SonicWall firewall/router.
Therefore, the initial packet (port 443) that hits the Netgear router gets forwarded, with destination IP address translated to an address on the ("public") subnet on which the Netgear router, and the SonicWall interface (X1) it attaches to, sit. We've also created a static route to forward the packet to the SonicWall (X1 interface).
This packet then hits the SonicWall, where the destination IP address is again translated from this "public" subnet to the "private" subnet of the LAN (X0 interface), on which the Exchange Server sits.
We have been staring at these for days now, and cannot see how they are incorrect.
The test for success is browsing OWA. We have a dyndns account setup for the public IP address of the Netgear router. I can confirm the following:
-> Browsing OWA works within LAN
-> Browsing OWA works when plugged directly into the Netgear router (i.e. on the other side of the SonicWall)
-> Browsing OWA does not work when plugged in to a different router, not part of that network, i.e. going over the internet proper.
We placed a support request with SonicWall, and they reckoned our SonicWall config is correct, and also that what we're doing with the Netgear is conceptually correct.
If anyone can see the problem, that would be fantastic - otherwise if you have any specific troubleshooting recommendations, they will be gratefully received.