Example of a dynamic source translation NAT rule

This example shows a dynamic address translation that translates the addresses in one internal network to a single external address for general web browsing.

Figure: Example scenario



Table 1. Example NAT rule matching cells
Source Destination Service
192.168.1.0/24 ANY HTTP

Figure: Example NAT settings



In dynamic address translation, several source IP addresses are translated using a smaller pool of translated addresses with the help of port translation. Each client connection uses a different port on an IP address that is shared between several different connections. Because each client reserves a port, the maximum number of simultaneous connections can be calculated by multiplying the number of IP addresses by the number of ports in the range. Every port and IP address pair must be free from any other use (duplicate connections cannot successfully cross the firewall).