The differences between SNAT and DNAT

Hi Tino,

it all depends on direction of traffic, or where the traffic was initiated.

for traffic coming to the server (from the internet say) it would be a DNAT.

if the traffic is originating from the server then SNAT.

DNAT: Traffic from various IPs is being forwarded to a specific internal IP. Example: You want your internal Webserver to be available through the internet.  

SNAT: Traffic from various IPs in a certain direction should only show a specific IP.  Example: You want to reach a network over VPN but the remote network should only see a specific IP so you're hiding the internal IPs behind the IP configured in SNAT.

I hope that makes sense for you.

Hi, how about these servers? which type of NAT should we use?

- Exchange mail servers

- ERP servers

- SharedFile servers

The question is: What is the goal you want to achieve?

Did you understand my explanation above?

Hi, yes I understood your comments and saw them already in the document and sophos's website, but what I need is the realistic case, not just general, theoretical statement.

Can you see my comment above? Those were the realistic servers what I had.