Prohibited: This setting prohibits the partner from performing Outbound NAT. When you select this option for the partner, the partner cannot perform Outbound NAT on any of its own subnets that are included in the User Groups being exported to you. No tunnel will be built and a Configuration Alert will be generated if the partner attempts to NAT its own User Groups.

This option is not supported for third-party device partners.

Permitted: This is a passive setting. The Corente Services Gateway will not NAT this partner's User Groups, but it will not prevent any address ranges from being NATed by the partner. This setting can be overridden by any other NAT setting. This is the default setting.

Auto Resolve: If your Corente Services Gateway detects a conflict between an address range in the local User Groups that you are sharing with the partner and an address range in the partner's User Groups, your Corente Services Gateway will attempt to resolve the conflict by automatically remapping the conflicting remote range to a new address space when this setting is selected. The NATed IP addresses will only be visible by local computers, the remote computers will not know that they have been NATed. When there is no address conflict with the partner, the Auto Resolve setting will function like the Permitted setting. To solve direct address conflicts between two partners, both partners must enable Auto Resolve NAT for each other so that address conflicts are resolved on both sides of the connection. Additionally, both partners can only have Outbound NAT settings of Permitted or Specified in their Default User Group.

This option is not supported for third-party device partners.

If the local Corente Services Gateway runs out of address space to resolve remote ranges to, the tunnel will not be established and will appear in the Configuration Alert state. An alarm notification will be sent to the email addresses you specify on the Alerts tab, if you choose to be notified about Configuration Alerts. Remember that an administrator cannot control what address ranges will be used when User Groups are NATed using Auto Resolve NAT. If you are concerned about maintaining specific IP addresses for machines on your network or on the networks of remote partners, you can use Inbound NAT to resolve IP address conflicts.

Inbound: This setting can also be used to resolve IP address conflicts. When this setting is enabled for the partner, your Location gateway will remap all IP addresses in the partner's User Groups to a new set of addresses in the subnet that you specify. Unlike Auto Resolve NAT, this setting will remap the addresses even if there are no address conflicts. The NATed IP addresses will only be visible by local computers, the remote computers will not know that they have been NATed. After selecting this option, the adjacent fields will be enabled and must be filled in. Enter the subnet and netmask to which your Location gateway will remap the partner's User Groups. This address space must be unique in your LAN.

Like the Auto Resolve option, to solve address direct conflicts between two partners, both partners must enable Inbound NAT for each other so that address conflicts are resolved on both sides of the application network connection. Additionally, both partners can only have Outbound NAT settings of Permitted or Specified in their Default User Group.