Dynamic Port Address Translation (Dynamic PAT) can only be used to establish connections from private network to public network. Dynamic PAT translates multiple private addresses to one or more public IP address.
Note For the duration of the translation, a remote host can initiate a connection to the translated host if a firewall rule allows it. Because the port address (both real and mapped) is unpredictable, a connection to the host is unlikely. Nevertheless, in this case, you can rely on the security of the firewall rules.
1. Click Firewall > NAT > Dynamic PAT.
2. Specify the PAT IP address for each WAN port.
• Auto: Automatically use the IP address of the WAN port as the translated IP address.
• Manual: Manually choose a single public IP address or a network address as the translated IP address from the IP Address drop-down list. If the address object that you want is not in the list, choose Create a new address to create a new address object. To maintain the address objects, go to the Networking > Address Management page. See Address Management, page 155.
3. Translate multiple private IP addresses of a VLAN to one or more mapped IP addresses.
• Enable WAN1: Check this box to translate all IP addresses of the selected VLAN into the public IP address specified on the WAN1 port.
• Enable WAN2: Check this box to translate all IP addresses of the selected VLAN into the public IP address specified on the WAN2 port.
• VLAN IP Address: The subnet IP address and netmask of the selected VLAN.