ZyXEL Communications P-2304R-P1 Series User Manual

Appendix F NAT

P-2304R-P1 Series User’s Guide

265

Packets have not been sent from 1, A to 4, E or 5, so they cannot send packets to 1, A.

Figure 157 Port Restricted Cone NAT Example

Symmetric NAT

The full, restricted and port restricted cone NAT types use the same mapping for an outgoing
packet’s source address regardless of the destination IP address and port. In symmetric NAT,
the mapping of an outgoing packet’s source address to a source address in another network is
different for each different destination IP address and port.
In the following example, the NAT router maps the ZyXEL Device’s source address IP
address 1 and port A to IP address 2 and port B on the external network for packets sent to IP
address 3 and port B. The NAT router uses a different mapping (IP address 2 and port M)
when the ZyXEL Device sends packets to IP address 4 and port D.
A host on the external network (IP address 3 and port C for example) can only send packets to
the internal host via the external IP address and port that the NAT router used in sending a
packet to the external host’s IP address and port. So in the example, only 3, C is allowed to
send packets to 2, B and only 4, D is allowed to send packets to 2, M.

Figure 158 Symmetric NAT