Network Router User Manual
W
EB
-B
ASED
 M
ANAGEMENT
3-14
NAT Configuration
NAT (Network Address Translation) and NAPT (Network Address and 
Port Translation) convert IP addresses on a private network (designated as 
“internal” or “Local Area Network” (LAN) to global IP addresses that can 
forward packets to another registered network (designated as “external” or 
“Wide Area Network” (WAN), with all traffic passing through the firewall. 
NAT/NAPT re-writes the IP headers of internal packets going out, 
making it appear that they all came from the firewall, and enables multiple 
PCs on the LAN to access the Internet for the cost of one Internet 
account and one IP address. Reply packets coming back are re-translated 
and forwarded to the appropriate internal machine/port. Thus, internal 
machines are allowed to connect to the outside world. However, external 
machines cannot find the internal machines since they are aware of only 
one IP address, that of the firewall. By protecting the single network 
firewall, the entire internal network can be protected.
NAPT is a special case of NAT, where many IP numbers are hidden 
behind a number of addresses. In contrast to the original NAT, the number 
of connections is not limited to that number. With NAPT, an almost 
arbitrary number of connections is multiplexed using TCP port 
information. 
NAT and NAPT can also secure your network from direct attack by 
hackers and provide more flexible management by allowing you to change 










