Regarding the public addressing the LTM. There's two main differences. Latency (No NAT should mean very very slightly less latency) - probably only discernable if you have a very heavily loaded firewall. And support. It's easier to trace things when you're trying to find a problem if there's fewer points of translation.
FWIW I always like the fewest NAT's as possible.
Oh... Also internal and external hosts know the service by the same IP. Which means you don't get confusion when someone starts talking about IP's etc (And if you don't think it's a problem, I'd be glad to provide endless stories of literally weeks wasted because you can't find people who know what IP a particular service appears as on a particular network because of the multiple times it's NAT'ed as it crossed peoples networks....
H