I have a question about NAT (IP Masq) that I've wondered about...
Let's say you have a setup like this:

        |
        |
        |
     |-----|
     | NAT |
     |-----|
        |
        |
     |-----|       |-----|
     | HUB |-------| Web |
     |-----|       |-----|
        |
        |
    |--------|
    | client |
    |--------|


The NAT box is also port-forwarding any requests on port 80 to the Web
server.  The web server and the client boxes have private IP addresses.
Users connecting from the Internet are able to access the Web server
without any problems, but if a user sitting on the internal network on the
client box tries to access the web server, it will do a lookup and get
the external IP address of the NAT box, and the connection to the web
server will fail.  In the past I've dealt with this situation by either
putting the web server's private IP address in all the client's hosts
files, or I've setup a DNS server on the internal network.
So my question is, why does NAT fail in this situation?  Why doesn't the
client's request get redirected back to the web server?  I'm fairly
comfortable with TCP/IP so feel free to get as detailed as possible.
Thanks,
~M