Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating NAT Pools

Before You Begin

A NAT pool is a set of IP addresses that you can define and use for translation. NAT policies perform address translation by translating internal IP addresses to the addresses in these pools. Unlike static NAT, where there is a one-to-one mapping that includes destination IP address translation in one direction and source IP address translation in the reverse direction, with source NAT, you translate the original source IP address to an IP address in the address pool. With destination NAT, you translate the original destination address to an IP address in the address pool.

Note:

Do not overlap NAT addresses for source NAT, destination NAT, and static NAT within one routing instance.

To configure a NAT pool:

  1. Select Configure > NAT Policy > Pools.
  2. Click the plus sign (+) to create a new NAT pool.
  3. Complete the configuration according to the guidelines provided in Table 1.
  4. Click OK.

A new NAT pool with your configurations is created. You can also assign NAT pools to a domain; see Assigning Policies and Profiles to Domains.

Table 1: NAT Pool Settings

Setting

Guideline

General Information

Name

Enter a unique string of alphanumeric characters, colons, periods, slashes, dashes, and underscores; no spaces allowed; 31-character maximum.

Description

Enter a description for the new NAT pool; maximum length is 255 characters.

Pool Type

Select a NAT pool type to configure:

  • Source

  • Destination

Pool Address

Select a NAT pool address or click Create to create a new NAT pool address.

Routing Instance

Device

Select a device for a routing instance.

Routing Instance

Select the required routing instance from the list of available routing instances for the selected device.

Port

Enter the port number for the destination Nat pool type.

Advanced

Host Address Base

Specify the base address of the original source IP address range. This is used for IP address shifting.

Translation

Specify the following translation type for the incoming traffic:

  • No Translation—There is no translation required for the incoming traffic.

  • Port/Range—Set the global default single port range for source NAT pools with port translation.

  • Overload

Address Pooling

Specify a NAT address pooling behavior:

  • Paired—Use this option for applications that require all sessions associated with one internal IP address to be translated to the same external IP address for multiple sessions.

  • Non-Paired—Use this option for applications that can be assigned IP addresses in a round-robin fashion.

Address Sharing

Specify that multiple internal IP addresses can be mapped to the same external IP address. Use this option only when the source NAT pool is configured with no port translation. When a source NAT pool has only one or few external IP addresses available, the address sharing option with a many-to-one address mapping increases NAT resources and improves traffic.

Overflow Pool Type

Specify a source pool to use when the current address pool is exhausted.

  • Interface—Allow the interface pool to support overflow.

  • Pool—Name of the source address pool.

    • Overflow Pool—Once addresses from the original source NAT pool are exhausted, IP addresses and port numbers are allocated from the overflow pool. A user-defined source NAT pool or an egress interface can be used as the overflow pool. (When the overflow pool is used, the pool ID is returned with the address.)

Start

Specify the beginning port range for the source NAT pools, if the Translation type is Port/Range. The starting and ending port range is 1024 through 65535.

End

Specify the end port range. The starting and ending port range is 1024 through 65535.

Port Overloading Factor

Configure the port overloading-capacity for a source NAT pool. If the factor is set to x, each translated IP address has x times the maximum number of ports available. The range is 2 through 32.