I have an iptables firewall set up with 1:1 static NAT enabled for a few hosts.

x.x.x.130 => 192.168.123.130
x.x.x.131 => 192.168.123.131
x.x.x.131 => 192.168.123.132
using
-A PREROUTING -d x.x.x.130 -p tcp -j DNAT --to 192.168.123.130
-A PREROUTING -d x.x.x.131 -p tcp -j DNAT --to 192.168.123.131
-A PREROUTING -d x.x.x.132 -p tcp -j DNAT --to 192.168.123.132

The external IPs are DNS'ed to domain names. But when I use the external IP address or domain names from a machine behind the firewall to establish a new connection via a browser, the connection doesn't work. It does, however, work fine from the outside world using the external IP or domain name. What kind of rule would I need to map the external IP to the internal IP for traffic originating inside the firewall also?

The easiest way ... using a second DNS server with the internal IPs for internal use only is not an option for me at this time.

Thanks
-Dave
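
The failure described in the post, traced as a small packet-path model (an added example, not part of the original post and not real netfilter code). It assumes the internal clients share 192.168.123.0/24 with the servers, that the firewall's LAN address is 192.168.123.1, and it uses 203.0.113.130 as a stand-in for x.x.x.130; the POSTROUTING rule in the comment is likewise an assumption, not a rule from the post.

```python
import ipaddress

# Constructed values: 203.0.113.130 stands in for the post's x.x.x.130;
# the firewall's LAN address and the client addresses are assumptions.
LAN = ipaddress.ip_network("192.168.123.0/24")
FW_LAN_IP = "192.168.123.1"
DNAT = {"203.0.113.130": "192.168.123.130"}

def in_lan(ip):
    return ipaddress.ip_address(ip) in LAN

def connect(client, public_ip, hairpin_snat):
    """Trace one TCP request/reply; return (reply source the client sees, accepted)."""
    # PREROUTING: -d <public> -p tcp -j DNAT --to <private>
    server = DNAT[public_ip]
    # POSTROUTING (assumed extra rule, not in the post):
    #   -s 192.168.123.0/24 -d 192.168.123.130 -p tcp -j SNAT --to-source 192.168.123.1
    seen_src = FW_LAN_IP if (hairpin_snat and in_lan(client)) else client
    # The server replies to the source address it saw.
    if in_lan(seen_src) and seen_src != FW_LAN_IP:
        # Same subnet: the reply goes straight to the client, never crosses
        # the firewall, so conntrack cannot restore the public address.
        reply_src = server
    else:
        # Reply passes back through the firewall; conntrack reverses the NAT.
        reply_src = public_ip
    # The client's socket only matches replies from the address it dialed.
    return reply_src, reply_src == public_ip

if __name__ == "__main__":
    for label, client, snat in [
        ("outside client", "198.51.100.7", False),
        ("LAN client, DNAT only", "192.168.123.50", False),
        ("LAN client, DNAT + SNAT", "192.168.123.50", True),
    ]:
        print(label, connect(client, "203.0.113.130", snat))
```

With the source rewritten this way, the servers log the firewall's LAN address instead of the real internal client address for these connections.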