I've got Zimbra 5 running, with the XMPP service, using NAT behind a firewall. People in the same office as the Zimbra server can connect and use it without a problem. People outside the office cannot, even though I've opened ports 5222, 5223, and 5269 to them and I can connect to those ports via telnet.
The EXTERNAL clients are being configured manually with the server name, which resolves to the external IP, which forwards traffic on those ports to the Zimbra server. The INTERNAL clients are being configured manually with the server name, which resolves to the internal IP directly.
As far as I can tell, all this SHOULD work. It just isn't working, and I don't know why not.
Any suggestions for how to find the problem?
(People logging in to webmail from outside the office can use IM through the web interface, no problem, but that's not what I want. I want them to be able to use Pidgin, like they can while in the office)