Source NAT on the USG9000 series


Source NAT involves converting the source address in packets. Source NAT is implemented in different ways in different scenarios.

Restrictions on using hot standby together with NAT on the USG9000 series
Restrictions on using hot standby together with NAT:
1. When hot standby runs together with NAT, the upstream and downstream service interfaces of the active and standby devices must be Layer 3 interfaces.
2. In the load balancing networking, if you configure only one NAT address pool and do not configure port translation in the address pool-based source NAT policy, the two firewalls may translate the source IP addresses of traffic from different hosts to the same IP address, causing address conflicts.
3. In load balancing mode, if a NAT address pool is required on both NGFWs, you must run hrp nat ports-segment primary on one NGFW and hrp nat ports-segment secondary on the other NGFW to prevent port conflicts during NAT.

Destination NAT on the USG9000 series
Destination NAT applies to the scenario in which mobile phone users need to change the destination gateway address.

When to enable the NAT ALG function on the USG9000 series
When the NAT function and the forwarding of the packets of multi-channel protocols (such as FTP) are enabled on the device, you should enable the corresponding NAT ALG function. As multi-channel protocols negotiate temporary port numbers for transmitting packets during communications, the device adopts the NAT ALG function to automatically detect the port information in the negotiation packet to ensure that the packets of these protocols are correctly translated.
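The following is an added example, not Huawei code and not taken from the original page. It sketches what an ALG does for active-mode FTP under source NAT: it reads the port information in the PORT negotiation message, rewrites it to the public address, and records the mapping for the data channel. The class name FtpAlg, the addresses, and the starting port 50000 are assumptions made for illustration.

```python
import re

# FTP PORT argument (RFC 959): h1,h2,h3,h4,p1,p2 where port = p1*256 + p2
PORT_RE = re.compile(rb"^PORT (\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\r\n$")


class FtpAlg:
    """Toy source-NAT ALG for active-mode FTP (hypothetical, for illustration)."""

    def __init__(self, public_ip, first_port=50000):
        self.public_ip = public_ip
        self.next_port = first_port  # assumed start of the NAT port range
        self.expected = {}           # (public ip, port) -> (private ip, port)

    def translate_control(self, src_ip, payload):
        """Rewrite a client PORT command; return (payload, length delta)."""
        m = PORT_RE.match(payload)
        if not m:
            return payload, 0        # not a port negotiation: pass through
        fields = [int(x) for x in m.groups()]
        if max(fields) > 255:
            return payload, 0        # malformed octet: leave untouched
        ip = ".".join(str(f) for f in fields[:4])
        port = fields[4] * 256 + fields[5]
        if ip != src_ip:
            return payload, 0        # embedded address is not the sender: no mapping
        public_port, self.next_port = self.next_port, self.next_port + 1
        # Pre-create the mapping so the server's data connection is translated back.
        self.expected[(self.public_ip, public_port)] = (ip, port)
        new = "PORT {},{},{}\r\n".format(
            self.public_ip.replace(".", ","), public_port >> 8, public_port & 0xFF
        ).encode()
        # The payload length can change, so a real ALG also fixes TCP seq/ack numbers.
        return new, len(new) - len(payload)

    def lookup_data(self, dst_ip, dst_port):
        """Private endpoint expected for an inbound data connection, or None."""
        return self.expected.get((dst_ip, dst_port))


# Constructed sample: private client 192.168.1.10 announces data port 5001.
alg = FtpAlg("203.0.113.5")
rewritten, delta = alg.translate_control("192.168.1.10", b"PORT 192,168,1,10,19,137\r\n")
print(rewritten, delta, alg.lookup_data("203.0.113.5", 50000))
```

Without this rewrite the server would try to connect to the private address carried in the payload, which is why plain header-only NAT breaks multi-channel protocols.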

NAT on the USG9000 series
NAT is a type of address translation technology that converts the address in an IPv4 packet header into another address. Generally, the NAT technology is used to convert private addresses in IPv4 packet headers into public addresses so that users on the private network can access the Internet concurrently by using a few public addresses. The NAT technology is usually used to address the issue of public IPv4 address shortage caused by the constant increase in the Internet scale.

NAT classification on the USG9000 series
There are three types of NAT: source NAT, server mapping, and destination NAT.

