A new flow source from Host 1 with a source address of 184.108.40.206 and a destination address of 220.127.116.11.
The packet arrives at the ION device's internet interface. It performs the policy lookup and the traffic on the LAN path.
Place the packet onto the LAN segment and match it against the recently created NAT Policy Rule.
This rule contains the following configuration:
The NAT Pool LAN-Services define as 10.10.10.20 - 10.10.10.20 on the branch ION device.
NAT Pools are defined in persisting ranges and can be configured through the NAT Policy UI or directly through the device-level interface configuration.
As the policy applies to the packet, the original destination address is 18.104.22.168, overwrites by the NAT Pool LAN-Services address. In this example the original packet (s) 22.214.171.124:12345: (d) 126.96.36.199:443. Is rewritten to: (s) 188.8.131.52:12345: (d) 10.10.10.20:443.
Traffic arrives on the LAN at the server hosting inbound services from the internet.
Sends the return traffic to the destination of 184.108.40.206:12345.
Traffic arrives at the ION device's LAN interface, where a translation table check is performed on the flow to ensure that there is an active connection.
Establish the traffic onto the LAN segment, the source IP address is rewritten from 10.10.10.10:443 to 220.127.116.11:443.
If traffic that originates from Server 1 (10.10.10.20) also needs to be translated to 18.104.22.168 and a corresponding Source NAT Rule is configured.