Setting the NAT Configuration

1. Select Configuration > Devices > System Profile from the web UI.
2. Expand the Security menu and select NAT.
   The NAT Pool screen displays by default. The NAT Pool screen lists the NAT policies that have been created thus far. Any of these policies can be selected and applied to a profile.
3. Click Edit to modify or override the attributes of a existing policy, or click Delete to remove obsolete NAT policies from the list of those available to a profile.
4. The Source tab displays by default and lists existing static NAT configurations. Existing static NAT configurations are not editable, but new configurations can be added or existing ones deleted as they become obsolete.

   Static NAT creates a permanent, one-to-one mapping between an address on an internal network and a perimeter or external network. To share a web server on a perimeter interface with the internet, use static address translation to map the actual address to a registered IP address. Static address translation hides the actual address of the server from users on insecure interfaces. Casual access by unauthorized users becomes much more difficult. Static NAT requires a dedicated address on the outside network for each host.

5. Select the Destination tab to view destination NAT configurations and to definethe way in which packets passing through the NAT on the way back to the LAN are searched against the records kept by the NAT engine.
   The destination IP address is changed back to the specific internal private class IP address to reach the LAN over the network.

6. Dynamic NAT configurations translate the IP address of packets going out from one interface to another interface based on configured conditions. Dynamic NAT requires packets be switched through a NAT router to generate translations in the translation table.

7. Click Add to create a new dynamic NAT configuration, Edit to modify or override an existing configuration, or Delete to permanently remove a configuration.