NAT is one of the most common services on firewalls. NAT is classified into source NAT, destination NAT, and bidirectional NAT based on the address translation mode.
Source NAT: translates the source IP address of a packet. Based on whether port translation is performed during source IP address translation, source NAT falls into NAT involving only source address translation (NAT No-PAT) and NAT involving both source IP address translation and source port translation (NAPT, smart NAT, easy IP, and 3-tuple NAT).
Destination NAT: translates the destination IP address of a packet. Based on the configuration mode, destination NAT can be classified into NAT policy-based destination NAT, ACL-based destination NAT, and NAT Server.
Bidirectional NAT: translates both the source and destination IP addresses of a packet. Bidirectional NAT combines source NAT and destination NAT.
Although NAT has various types and various configuration methods, the configuration principles of security policies are explicit. That is, the source and destination IP addresses specified in a security policy are the actual source and destination IP addresses.
For more information, see How to Configure Security Policies to Allow NAT.
For more posts, please click on Security TechNotes Collection, which will help you find more answers.
