forgive me if this question seems pretty basic but could anyone tell explain this to me.

i'm performing a practice assesment and i have located an IP of a web based mail server (OWA). this server is sitting behind a hardware firewall (say PIX or Checkpoint)that is NATing the IP Address to an internal non-routable address. Now, if i use a tool such as Nmap to scan that external IP are my scan results influenced by the Firewall. Do firewalls when NATing take all traffic from the external IP and pass it to the internal nertwork and expect the server to have the remaing services closed down or do they only take traffic destined for a port and drop everything else. if it's the later, when i scan am i only scaning the 1 port that is allowing traffic to be forward to it?

Is there a way of determining if the firewall is blocking the traffic to the other ports or if the Server has been locked down and is blocking them?

Any help would be appreciated.

Regards

Thatch