Palo Alto Networks support engineers receive questions on a regular basis about NAT and something called U-Turn NAT.
NAT is Network Address Translation. It is used to translate a private IP address (RFC 1918) into a public IP address, both for privacy, because
the host hides behind another IP, and because a private IP address is not routable on the Internet. This is known as Source NAT or Hide NAT.
We also have Destination NAT, which allows the firewall to advertise its Untrust IP (or another IP), which is then translated to an internal host
or web server.
U-Turn NAT refers to the logical path that traffic appears to travel when internal users access an internal resource by resolving its external address. U-Turn NAT is often used in a network where internal users need to access an internal DMZ server using the server’s external public IP address.
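The following model traces that path and shows why a Destination NAT rule written only for inbound Internet traffic leaves internal users unable to reach the server. It is an added example, not configuration from the original article: the zone names, addresses and rule layout are constructed, and it assumes NAT rules are matched on the packet's original (pre-NAT) zones.

```python
import ipaddress

# Constructed topology: zone names and addresses are illustrative assumptions.
ZONES = {
    "trust": ipaddress.ip_network("192.168.1.0/24"),  # internal users
    "dmz": ipaddress.ip_network("10.10.10.0/24"),     # internal server
}
SERVER_PUBLIC, SERVER_PRIVATE = "203.0.113.10", "10.10.10.5"

# Usual inbound Destination NAT rule: only matches traffic arriving from untrust.
INBOUND_ONLY = [{"from": "untrust", "to": "untrust",
                 "dst": SERVER_PUBLIC, "translate_to": SERVER_PRIVATE}]
# U-Turn rule added for internal users who resolve the public address.
WITH_UTURN = INBOUND_ONLY + [{"from": "trust", "to": "untrust",
                              "dst": SERVER_PUBLIC, "translate_to": SERVER_PRIVATE}]


def zone_for(ip):
    """Route lookup stand-in: a connected internal network, otherwise untrust."""
    addr = ipaddress.ip_address(ip)
    for zone, net in ZONES.items():
        if addr in net:
            return zone
    return "untrust"


def forward(src, dst, nat_rules):
    """Return where a packet ends up after Destination NAT is evaluated."""
    src_zone, pre_nat_zone = zone_for(src), zone_for(dst)
    for rule in nat_rules:
        # Model assumption: match on the original zones and destination address.
        if (rule["from"], rule["to"], rule["dst"]) == (src_zone, pre_nat_zone, dst):
            dst = rule["translate_to"]
            break
    return {"from_zone": src_zone, "pre_nat_zone": pre_nat_zone,
            "final_dst": dst, "final_zone": zone_for(dst)}


if __name__ == "__main__":
    client = "192.168.1.50"  # constructed internal user
    print(forward(client, SERVER_PUBLIC, INBOUND_ONLY))  # leaves toward untrust
    print(forward(client, SERVER_PUBLIC, WITH_UTURN))    # turns back into the dmz
```

With the U-Turn rule in place the packet is addressed toward untrust but is delivered to the dmz zone, so in this model the traffic the firewall must permit is trust to dmz.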
In a recent discussion, Satish posted about a NAT issue that he was experiencing.