How Nat works.
In the example below, an inside host (192.168.1.10) wants to communicate with an outside web server (188.8.131.52). It sends a packet to the NAT-configured gateway router for the network.
The gateway router reads the source IP address of the packet and checks if the packet matches the criteria specified for translation.
The gateway router has an ACL (Access Control List) that identifies the inside network as valid hosts for translation. Therefore, it translates an inside local IP address into inside global IP address, which in this case is 184.108.40.206. It stores this translated local to global address in the NAT table. The gateway router then sends the packet to its destination.
When the web server responds, the packet comes back to the global address of gateway router (220.127.116.11).
The gateway router refers to its NAT table and sees that this was a previously translated IP address. Then, it translates the inside global address to the inside local address, and the packet is forwarded to host at IP address 192.168.1.10. If it does not find a translation that match, the packet is dropped.
There are two types of NAT translation: Dynamic and Static.