If you have a search through this forum I think you will find one of the McAfee guys answered a request very similar to this.
To be honest, when I went through my Firewall training back in the late 90's, this type of connection was considered to be extremely odd and, with the original Firewall product I was trained on (Borderware, at one point a Secure Computing-owned product), it wasn't actually possible to have traffic originate on the LAN side, pass through the Firewall, hit an IP address on the external interface and be redirected back in again. The firewall would react in a "why on earth are you trying to do that?!" manner.
On that basis, though this is considered normal behaviour on some of the other Firewalls I work with, I have tended to adopt my original teachings. Using DNS you should be able to access the web site using its hostname. When on your internal network the host should resolve to the site's private address (meaning that the traffic never needs to try and traverse the Firewall) and when the user is outside, the same URL will resolve to the appropriate external/public IP address (which would then pass through the Firewall quite normally).
Is there any reason why, when you are using a client on your internal LAN, you would want to access the site using its public IP address?
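The split DNS arrangement described in the reply above can be checked mechanically. This is an added example, not part of the original posts: it audits the answers an internal and an external resolver give for the same names and flags records that would send LAN clients to the firewall's external interface. The view names, the extra hostnames and all addresses are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges, listed explicitly: ipaddress.is_private also counts
# documentation ranges such as 203.0.113.0/24, which stand in for public IPs here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: (view, hostname, address) as each resolver would answer.
SAMPLE_ANSWERS = [
    ("internal", "mywebsite.example.com", "192.168.10.20"),  # correct split
    ("external", "mywebsite.example.com", "203.0.113.20"),
    ("internal", "mail.example.com", "203.0.113.25"),        # LAN sent to public IP
    ("external", "mail.example.com", "203.0.113.25"),
    ("internal", "intranet.example.com", "10.1.1.5"),
    ("external", "intranet.example.com", "10.1.1.5"),        # private IP published
    ("external", "shop.example.com", "203.0.113.30"),        # no internal override
]


def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def audit_split_dns(answers):
    """Return sorted (hostname, issue) findings for a set of resolver answers."""
    views = {}
    for view, host, addr in answers:
        views.setdefault(host.lower().rstrip("."), {})[view] = addr

    findings = []
    for host, seen in views.items():
        internal, external = seen.get("internal"), seen.get("external")
        # Internal clients get a public address: traffic hairpins via the firewall.
        if internal and not is_rfc1918(internal):
            findings.append((host, "hairpin"))
        # Outside clients get an unroutable address that also reveals LAN layout.
        if external and is_rfc1918(external):
            findings.append((host, "private-leak"))
        # Published name with no internal record: assumes the internal resolver
        # would fall back to the public answer, which again hairpins.
        if external and internal is None:
            findings.append((host, "no-internal-record"))
    return sorted(findings)


if __name__ == "__main__":
    for host, issue in audit_split_dns(SAMPLE_ANSWERS):
        print(f"{host}: {issue}")
```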
I’ve done some digging through the discussion boards and have not stumbled across anything relevant to my post. I’ll go back and tweak my search to see if I get better and more relevant results.
My DNS scenario is slightly different. My website lives in two domains; one held and managed by the top-level DNS and primarily used for external traffic, and the second, an isolated local DNS. Let me see if I can break it down a little more in an example: The external address is ‘mywebsite.example.com’. In my DMZ, it goes by a different address, ‘mywebsite.domain.local’.