In this recipe, we configured NAT policies for both DNAT and SNAT; each type can be configured on any edge and the two types are not mutually exclusive. However, the edge firewall is required to be enabled for NAT rules to be processed. You do not need to explicitly define firewall rules and can leave the default rule to allow any, if your security policy permits, but ensuring the firewall is enabled is critical.
When a NAT rule is created of either type, the rule needs to be tied to an interface where the rules will be processed. Typically, this is done on the egress/ingress interface; in our recipe, we used the Uplink interface. After defining the interface, the remaining two mandatory parameters for each NAT type are as ...