ZyXEL Communications Prestige P-870HW-51a v2 User Manual

Chapter 5 WAN Setup

P-870HW-51a v2 User’s Guide

65

Full Cone NAT

In full cone NAT, the NAT router maps all outgoing packets from an internal IP
address and port to a single IP address and port on the external network. The NAT
router also maps packets coming to that external IP address and port to the
internal IP address and port.

In the following example, the ZyXEL Device maps the source address of all
packets sent from the internal IP address 1 and port A to IP address 2 and port B
on the external network. The ZyXEL Device also performs NAT on all incoming
packets sent to IP address 2 and port B and forwards them to IP address 1, port
A.

Figure 32 Full Cone NAT Example

Symmetric NAT

The full, restricted and port restricted cone NAT types use the same mapping for
an outgoing packet’s source address regardless of the destination IP address and
port. In symmetric NAT, the mapping of an outgoing packet’s source address to a
source address in another network is different for each different destination IP
address and port.

In the following example, the ZyXEL Device maps the source address IP address 1
and port A to IP address 2 and port B on the external network for packets sent to
IP address 3 and port C. The ZyXEL Device uses a different mapping (IP address 2
and port M) for packets sent to IP address 4 and port

D

.

A host on the external network (IP address 3 and port C for example) can only
send packets to the internal host via the external IP address and port that the NAT
router used in sending a packet to the external host’s IP address and port. So in

2, B

1, A