One of the problems with AirPort is that it does not allow users to access more advanced settings which would allow users to customize their network. There are several examples of this, for example AirPort does not support custom DHCP flags, nor does it support customizing the DNS system.

The following guide explains a Double-NAT trick to allow users to have a "real" server behind AirPort.

In order to achieve this setup, first thing is to go to AirPort→Internet→Internet Connection→Connection Sharing→Share a public IP address.

The trick is to configure AirPort to hand out one single address to the server. This can be done by accessing: AirPort→Internet→DHCP and configuring a single address, by setting the beginning address and the ending address to the same value, ie: 192.168.1.2.

After that, in DHCP Reservations reserve that single address 192.168.1.2 for the server by specifying mapping the MAC address of the server to 192.168.1.2.

The next step is to set the server into DMZ, which can be done by going to AirPort→Internet→NAT and then ticking the Enable default host at option and specifying the address above 192.168.1.2. This will ensure that all port traffic is transparently forwarded to the server without having AirPort bother with it.

AirPort may issue errors about Double NATing - this means that AirPort detects that two devices are NAT-ing: AirPort and the server you have configured behind it. This warning should be ignored because you are setting the server into DMZ anyway.

This is important so that services that use protocols such as GRE for pptp can be used behind AirPort.

There are many options that you could choose when setting up AirPort this way. This is based on the fact that AirPort already contains a DHCP and a DNS server, meaning that some clients could be told to use AirPort instead of the server through DHCP. Also, one could load-balance the DNS traffic between the server and Airport.