How to: Allow internet access (use external NAT or Windows connection sharing)



       When other NAT software is in use, NetCom does not modify any packets: it passes each packet through the rules and, if the packet is allowed, sends it on to the stack or to the NIC. All NAT handling is done by the external NAT software (Windows ICS, for example).

 

       For example, suppose your network topology and configuration are as follows:

 

 

Network: 192.168.0.0
Subnet mask: 255.255.255.0
Server internal address: 192.168.0.1
Server external address: 207.46.130.108

 

If you want to allow access to the Internet for the workstations with addresses 192.168.0.12 and 192.168.0.14, do the following:

(NAT must be installed and enabled on the computer running NetCom.)

 

1. ALLOW ALL

Create a rule to allow all network traffic from all to all (it must always be the last item in the rules list):

Packet action equal to Allow

 

2. DENY EXTERNAL

Create a rule that denies access for all from the internal to the external network (it must always be the next-to-last item in the rules list):

Packet action equal to Deny

Protocols equal to Any IP

Source IP NOT in range 192.168.0.0 - 192.168.0.255

Destination IP in range 192.168.0.0 - 192.168.0.255

 

3. ALLOW BROADCASTS

Create a rule that allows IP broadcasts (it must always be the first item in the rules list):

Packet action equal to Allow

Protocols equal to Any IP

Destination IP equal to 255.255.255.255

 

4. 192.168.0.12

Create a rule that allows access for 192.168.0.12 from the internal to the external network:

Packet action equal to Allow

Protocols equal to Any IP

Source IP NOT in range 192.168.0.0 - 192.168.0.255

Destination IP equal to 192.168.0.12

 

5. 192.168.0.14

Create a rule that allows access for 192.168.0.14 from the internal to the external network:

Packet action equal to Allow

Protocols equal to Any IP

Source IP NOT in range 192.168.0.0 - 192.168.0.255

Destination IP equal to 192.168.0.14

 

6. CHANGE RULES ORDER

You must change the order of the rules to this:

1. ALLOW BROADCASTS - needed for normal network operation;

2. 192.168.0.12 - allow access to the Internet;

3. 192.168.0.14 - allow access to the Internet;

4. DENY EXTERNAL - deny other external traffic;

5. ALLOW ALL - needed for normal operation of the Internet connection and the local network.

 

7. ENABLE FILTERING

Select both adapters for filtering (internal and external).
 
Filtering is now active.
That's all...
 
NOTE:
The address of a DNS server must be defined on the client computers!
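
Why the rule order in step 6 matters, shown as an added example (this is not NetCom code or its configuration format): it models the five rules above and assumes NetCom checks them top-down and applies the first match, which the ordering requirements in steps 1-3 imply. The Internet host 203.0.113.10 and the unlisted workstation 192.168.0.13 are constructed sample addresses.

```python
# Added example (not NetCom code). Assumption: rules are checked top-down
# and the first matching rule decides the packet.
from ipaddress import ip_address, ip_network

LAN = ip_network("192.168.0.0/24")   # 192.168.0.0 - 192.168.0.255 (from the page)
INTERNET_HOST = "203.0.113.10"       # constructed sample address

def any_ip(_ip):
    return True

def outside_lan(ip):                 # "Source IP NOT in range ..."
    return ip_address(ip) not in LAN

def inside_lan(ip):                  # "Destination IP in range ..."
    return ip_address(ip) in LAN

def equals(addr):                    # "Destination IP equal to ..."
    return lambda ip: ip == addr

# name -> (packet action, source test, destination test), as in steps 1-5
RULES = {
    "ALLOW ALL":        ("Allow", any_ip, any_ip),
    "DENY EXTERNAL":    ("Deny", outside_lan, inside_lan),
    "ALLOW BROADCASTS": ("Allow", any_ip, equals("255.255.255.255")),
    "192.168.0.12":     ("Allow", outside_lan, equals("192.168.0.12")),
    "192.168.0.14":     ("Allow", outside_lan, equals("192.168.0.14")),
}
CREATION_ORDER = list(RULES)         # order in which steps 1-5 create the rules
STEP6_ORDER = ["ALLOW BROADCASTS", "192.168.0.12", "192.168.0.14",
               "DENY EXTERNAL", "ALLOW ALL"]
DENY_TOO_EARLY = ["ALLOW BROADCASTS", "DENY EXTERNAL", "192.168.0.12",
                  "192.168.0.14", "ALLOW ALL"]   # hypothetical mis-ordering

def decide(order, src, dst):
    """Return (action, rule name) for the first rule in `order` that matches."""
    for name in order:
        action, src_ok, dst_ok = RULES[name]
        if src_ok(src) and dst_ok(dst):
            return action, name
    return "Deny", None   # assumption; never reached while ALLOW ALL is listed

if __name__ == "__main__":
    packets = [(INTERNET_HOST, "192.168.0.12"), (INTERNET_HOST, "192.168.0.13"),
               ("192.168.0.13", "192.168.0.1"), ("192.168.0.13", "255.255.255.255")]
    for label, order in [("step 6 order", STEP6_ORDER),
                         ("creation order", CREATION_ORDER),
                         ("deny too early", DENY_TOO_EARLY)]:
        for src, dst in packets:
            print(f"{label:15} {src:>15} -> {dst:<15} {decide(order, src, dst)}")
```

With the rules left in creation order, ALLOW ALL matches first and the reply to the unlisted workstation is allowed; with DENY EXTERNAL above the per-host rules, 192.168.0.12 and 192.168.0.14 lose their replies too.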