In the current architecture of CDPlex, REDIRECT parameters allow for the distinction between internal (trusted) remote nodes and external (non trusted) remote nodes.
When a request comes into CDPlex and a target SERVER is selected, either an internal IP address or external (NAT'd) IP address is returned to the orignator based on the Netmap defintion of the originator being INTernal or EXTernal.
This assumes that we know what the NAT'd IP address the originator has for each of our CD Servers participating in the PLEX. We don't have that information and the Business Partner is unwilling to provide it based on their vision of confidentiality.
My suggestion would be that since the SERVER name is passed back to the user in the FMH along with the IP address, that the originator uses the SERVER name to look in their NETMAP for the IP address rather than use the one provided in the payload of our response.