1 Answers
When a TCP packet which exited the NAT firewall returns, the firewall looks into the
destination port in the TCP header. It would then identify the appropriate entry in the NAT
table which has the corresponding entry. After the packet is identified, the destination IP
address in the IP packet which now contains the IP address of the NAT firewall would be
re-written with the actual initiators IP address, following which the packet is sent to the
intended recipient.