The following sample configuration involves NAT. I show what you need to do step-by-step to configure FireWall-1 to support this configuration (see Figure 10.3).
The security policy is defined as follows.
Allow the external mail server and the Web server to be reached from anywhere via SMTP and HTTP, respectively.
Allow the external mail server to send e-mail to anywhere on the Internet and to the internal mail server.
Allow a second Web instance of a Web server (running on port 81) to be accessible via a separate IP address on port 80.
Allow clients on ...