What you're suggesting is possible. However, I'm a little leery of using IWP on the open Internet. There are some lingering security issues with doing so (especially in version 11), which our computer security team discovered during routine scanning. You'll need to do a couple of things:
1) First, configure the FileMaker server to allow only secured connections. You can do this when you deploy Server.
2) Configure IIS on the web server to allow only secured connections.
3) Configure the externally-accessible database to limit field length. You can do that in the Manage Database dialog. This prevents a buffer overflow vulnerability, which can allow a hacker to crash the server.
4) Since this database is being used only for searching purposes, you can limit login privileges to Read Only.
Now, to your original question: I would suggest that, instead of trying to synchronize two separate databases, that instead, you simply use a Separation Model. Just create an interface file on your external server and point it to the required file inside your firewall. That way, your client always has the latest data.
Personally, I'd try to convince the client to buy a FileMaker license, or, barring that, configure it as a Custom Web Publishing page before I'd go with IWP. But that's me.
Thanks for your answer. I like the most of your idea of "Separation Model". I will try this first and keep you posted !