Public IP Address and Bridged Modems
In order to ensure that only one firewall is inspecting traffic and handling address translations on your network, your office firewall must receive a Public IP address on its WAN interface.
This functionality may require the assistance of your internet service provider (ISP).
Identifying a private (non-public IP address) is fairly easy. If your WAN has an IP address in one of the following IP blocks, it is not a Public address, and you should contact your ISP to help "Bridge" your Modem/Gateway device, allowing a Public IP address to be assigned to your firewall/router.
your router/firewall WAN IP ADDRESS
must not fall within these ranges:
10.0.0.0 - 10.255.255.255
172.16.0.0 - 172.31.255.255
192.168.0.0 - 192.168.255.255