Domain with a public IP and Server with local IP.. which IP on the DNS ?

Hi

Not sure if I got all that? I'm guessing you want to point the A record for intra.mydomain.net to the Public IP Address configured in your router at your server's location. Ideally you should have a fixed external IP address or a DynDNS Account. Open whatever ports are relevant for whatever service your server is running that you want to allow external access to.

This is a list of well-known TCP/IP ports used by Apple:

http://support.apple.com/kb/TS1629?viewlocale=en_US

Tony

Hi

It all depends on what you want to do. If it was me I would use NAT:

*+NAT translation of the public IP to local server's IP+*

I can't offer any advice regarding the xincom router as I'm not familiar with it.

Tony

Hi

If your server is using it's own DNS Service to successfully access the internet then you can point your clients on the Private side of NAT to use your Server's DNS Service to access the internet or point them to your ISP's DNS Servers or even use the Router's IP address as they would pick up whatever the Router is receiving on its WAN port.

This is not difficult. At its most basic if your broadband service is through your phone line:

(a) Internet > Modem/NAT Router > Switch > Server, Clients, Printers and everything else

If your broadband service is via a cable provider:

(b) Internet > Cable Modem > NAT Router > Switch > Server, Clients, Printers and everything else

In (a) the fixed Public IP address provided by your ISP is on the WAN/Public side of your Router. In (b) it's still on the WAN/Public side of your Router as the Cable Modem is 'passing' it on via its LAN port. Whichever broadband service you have you still use NAT to control access from the Public (WAN) side of your Firewall to the Private (LAN) side.

If all you're interested in is the iCal Service it work best if your clients are using the Server to resolve DNS. This can get complicated If your website is hosted externally. But only if you configure internal DNS Services to use www as the CNAME or A Record for the Server's Web Service. You will need the Web Service to enable Wiki if you want group calendars. The other players in a successful iCal Service is Open Directory (Kerberos running) and DNS. You may want the DHCP Service as well although if your Router doing this you could leave it there.

If you want to allow external access for iCal Services it makes sense to match the internal domain to the external one. Control external access using port forwarding and firewall rules. How you decide to do this depends on your network topology.

Of course this only my opinion and possibly others may post offering different methods.

Tony

Hi

Having looked at the picture of your Router's NAT settings it does not look the best? You asked what I was using? I prefer something more graphical; possibly ZyXel, Vigor/Draytek, some of the mid to top-range Netgear Routers, even the latest BT Home Hub would be simpler and as effective than what you have. However the choice is yours.

Tony

Hi

NAT is automatic. As far as I know at its most basic it allows translation of a single fixed Public IP address to multiple Private IP addresses. As far as the Public side of NAT is concerned everything on the Private side is presented as that single IP address. At its most basic everything on the Private network (LAN) is allowed 'trusted' to access the Public network (WAN). Everything on the Public side is not allowed 'untrusted' to access the Private network - unless you want it to. This is where port forwarding comes in. Depending on the router manufacturer some offer port forwarding and firewall rules as two separate configurations. Others offer it as single service.

Tony