3. Palo Alto NAT Policy Concept
Palo Alto NAT Types
Source NAT
• Dynamic IP and Port (DIPP) (One to many)
• Dynamic IP (Many to Many)
• Static IP (One to One)
Destination NAT
• Static IP (One to One)
• Port Forwarding
• Port Translation
4. Palo Alto NAT Policy Concept
Configuring NAT Policy
• There can be multiple NAT rules configured on a PAN-OS device.
• NAT rules are evaluated top down like security rules.
• Once a packet matches a NAT rule, any other NAT rules configured are skipped for processing.
• Therefore, more specific NAT rules must be at the top to the rule list.
• the static NAT rules must be above all other NAT rules in the list on the firewall