Thursday, August 6, 2009

The basic definitions of NAT and PAT are well known and need no further explanation here, so we will move on to something more interesting on Juniper: APPLICATION-LEVEL GATEWAYS (ALGs).

-> Some protocols carry IP addresses and TCP or UDP port numbers inside their payload. If a router is configured to perform NAT and translates only the Layer 3 and Layer 4 headers, the addresses and ports embedded in the payload are left untranslated. The remote end is then told to use an address or port that no longer matches the translated headers, and the application may fail.

-> In addition, some protocols have a control connection that opens further sessions. Because these sessions are created dynamically and often use random port numbers, static firewall rules will usually not permit them.

-> Application-Level Gateways (ALGs) allow the router to interact with protocols at Layer 4 and above, that is, to understand the application payload rather than only the headers.

-> When you configure the router to use an ALG, it inspects the payload of the connections it handles, translates the IP addresses and ports embedded in that payload, and tracks the sessions started by the control connection so that the dynamically negotiated sessions are permitted through the firewall.
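As an added illustration (this is not part of the original post and not Juniper code), the following Python sketch models the two problems above using FTP active mode, the classic ALG case. The client's PORT command (RFC 959 syntax) carries the client's private address and data port in the payload. A header-only NAT leaves that payload alone, so the server is told to connect to an unroutable private address and the firewall has no session for the server's inbound connection. The toy ALG rewrites the embedded address to the NAT's public address and a translated port, and installs an expected-session entry (a "pinhole") so that the server's inbound data connection is allowed. The addresses, the NAT mapping and the session table are constructed stand-ins, and real ALGs do more per protocol than shown here.

```python
import re
from dataclasses import dataclass, field

# RFC 959 PORT command: "PORT h1,h2,h3,h4,p1,p2" where the data port is p1*256 + p2.
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")


@dataclass
class Nat:
    """Simplified NAT state (constructed for this example)."""
    inside_ip: str            # private host behind the NAT
    outside_ip: str           # public address the NAT presents
    next_port: int = 40000    # next free translated port
    # (inside_ip, inside_port) -> translated outside port
    mappings: dict = field(default_factory=dict)
    # expected inbound sessions opened by the ALG: (server_ip, outside_port) -> (inside_ip, inside_port)
    pinholes: dict = field(default_factory=dict)

    def allocate(self, inside_port):
        key = (self.inside_ip, inside_port)
        if key not in self.mappings:
            self.mappings[key] = self.next_port
            self.next_port += 1
        return self.mappings[key]


def parse_port(payload):
    """Return (ip, port) the server is told to connect to, or None if not a PORT command."""
    m = PORT_RE.match(payload)
    if not m:
        return None
    h = [int(x) for x in m.groups()]
    return ".".join(str(o) for o in h[:4]), h[4] * 256 + h[5]


def build_port(ip, port):
    """Encode a PORT command for the given address and port."""
    return f"PORT {','.join(ip.split('.'))},{port // 256},{port % 256}\r\n".encode()


def layer34_nat(nat, payload):
    """Plain NAT: only the IP/TCP headers are rewritten; the payload passes unchanged,
    so the private address inside it leaks to the server."""
    return payload


def ftp_alg(nat, server_ip, payload):
    """ALG: translate the address/port embedded in the PORT command and open a pinhole
    for the data connection the server will initiate back to the client."""
    parsed = parse_port(payload)
    if parsed is None or parsed[0] != nat.inside_ip:
        return payload
    inside_ip, inside_port = parsed
    outside_port = nat.allocate(inside_port)
    nat.pinholes[(server_ip, outside_port)] = (inside_ip, inside_port)
    return build_port(nat.outside_ip, outside_port)


def inbound_allowed(nat, src_ip, dst_port):
    """Firewall decision for a new inbound connection: only ALG-opened pinholes pass."""
    return (src_ip, dst_port) in nat.pinholes


if __name__ == "__main__":
    nat = Nat(inside_ip="192.168.1.10", outside_ip="203.0.113.5")
    server = "198.51.100.20"
    cmd = build_port("192.168.1.10", 1025)          # client announces its data port
    print("without ALG, server is told:", parse_port(layer34_nat(nat, cmd)))
    rewritten = ftp_alg(nat, server, cmd)
    print("with ALG, server is told:   ", parse_port(rewritten))
    print("server data connection allowed:", inbound_allowed(nat, server, 40000))
```

Run it and compare the two lines: without the ALG the server is handed 192.168.1.10:1025, which it cannot reach and which the firewall would not admit anyway; with the ALG it is handed 203.0.113.5:40000, and the matching pinhole is already in the session table before the server connects.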

