Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


About the NAT Policies Page


You are here: Network > NAT > Policies.

Network Address Translation (NAT) is a form of network masquerading where you can hide devices between the zones or interfaces. A trust zone is a segment of the network where security measures are applied. It is usually assigned to the internal LAN. An untrust zone is the Internet. NAT modifies the IP addresses of the packets moving between the trust and untrust zones.

Whenever a packet arrives at the NAT device, the device performs a translation on the packet’s IP address by rewriting it with an IP address that was specified for external use. After translation, the packet appears to have originated from the gateway rather than from the original device within the network. This helps you hide internal IP addresses from the other networks and keep your network secure.

Use this page to configure source, destination, and static NAT.

Tasks You Can Perform

You can perform the following tasks from this page:

Field Descriptions

Table 1 describes the fields on the NAT Policies Page.

Table 1: Fields on the NAT Policies Page.




Displays the sequence number of rules in a context. Drag and drop the policies within the same context to reorder your NAT policy among the existing policies.


Displays the number of hits the rule has encountered.

Rule Name

Displays the rule name.

NAT Type

Displays whether the NAT is source, destination, or static.

Source Ingress

Displays the source ingress type. For example: zone, interface, or routing instance.

Source Address

Displays the match source address of the NAT policy.

Source Port

Displays the match source port of the NAT policy.

Destination Egress

Displays the match destination egress type. For example: zone, interface, or routing instance.

Destination Address

Displays the match destination address of the NAT policy.

Destination Port

Displays the match destination port of the NAT policy.


Displays the match application for the NAT policy.


Displays the match IP protocol for the NAT policy.


Displays the action of the NAT policy.


Displays the description for the NAT policy.