Skip to content Skip to site navigation

Network Address Translation Services

Network Address Translation (NAT) Services

Typically network hosts at Stanford University that use private Internet addresses to initiate connections to non-Stanford University addresses use the Carrier Grade Network Address Translation, or CGNAT, service (also referred to as Central NAT).

Stanford University private Internet addresses are translated to ephemeral, i.e. temporary, public Internet addresses in order to provide connectivity to hosts outside of the Stanford University Network (SUNet). All systems using the CGNAT service will be translated to the same public Internet address pools.

The CGNAT service is configured to automatically translate connections initiated from the following IP address ranges: ( – ( – ( – ( –

The CGNAT service also supports translations initiated from Stanford University allocated private Internet addresses not listed above on a per request basis.

Firewall NAT

The Firewall NAT service should be used when systems at Stanford University using private IP addresses need to connect to external services that require static source addresses. Systems using the Firewall NAT service will be translated to public IP address pools that are distinct for each firewall zone.

Firewall NAT is enabled on a per request basis.

Last modified April 14, 2023