Network Address Translation with Gateway
By default, Gateway applies Network Address Translation (NAT) to traffic flow to your private network. NAT is also applied to your endpoints (for example, devices) when users access the Internet and SaaS apps. After NAT is applied, the real IP address is concealed and all inbound connections to a specific endpoint are prevented. NAT is not applied to flows that do not use the Gateway tunnel (for example, Safe Mode).
Note: Inbound connections to endpoints are prevented by Gateway (for example, you cannot establish a connection to endpoints using remote IT tools, such as Remote Desktop Connection).
NAT is applied to traffic that flows through the Gateway Connector to your private network. The connector provides additional information on UDP and TCP flows that are displayed on the Network Events screen (Gateway > Events). You can identify the private source IP and private source port of an event that has been blocked or identified as a potentially malicious. For more information, see the following:
NAT is applied by Gateway to traffic that flows through the tunnel to access Internet destinations and cloud-based SaaS applications. You can filter the events based on the Gateway tunnel IP address that was used by users to access the external destinations. For more information, see the following: