Manage NAT Policies

Network Address Translation (NAT) converts the IP address of an incoming packet to a different address in the outgoing packet. One of the main functions of NAT is to enable private IP networks to connect to the Internet. NAT replaces a private IP address with a public IP address, translating the private addresses in the internal private network into routable addresses that can be used on the public Internet. NAT keeps track of the translations, also known as xlates, to ensure that return traffic is directed to the correct untranslated host address.

Procedure


Step 1

Choose Devices > NAT.

Step 2

Manage your NAT policies:

  • Create—Click New Policy and select Threat Defense NAT. See Creating NAT Policies.

  • Copy—Click Copy (copy icon) next to the policy you want to copy. You are prompted to give the copy a new, unique name. The copy includes all policy rules and configurations, but does not include device assignments.

  • Report—Click Report (Report icon) for the policy. You are prompted to save the PDF report, which includes policy attributes, device assignments, rules, and object usage information.

  • Edit—Click Edit (edit icon) next to the policy you want to edit. See Configure NAT for Threat Defense.

  • Delete—Click Delete (delete icon) next to the policy you want to delete, then click OK. When prompted whether to continue, you are also informed if another user has unsaved changes in the policy.

    Caution

    After you have deployed a NAT policy to a managed device, you cannot delete the policy from the device. Instead, you must deploy a NAT policy with no rules to remove the NAT rules already present on the managed device. You also cannot delete a policy that is the last deployed policy on any of its target devices, even if it is out of date. Before you can delete the policy completely, you must deploy a different policy to those targets.