v18 NAT - stateful?

Question

Hi, 
 I am a little bit confused about the reflexive NAT rules in v18. I migrated from v17 and it has created a lot of additional firewall (not NAT) rules for incoming destination NAT rule reversals. For example, I used to have an incoming DNAT business firewall rule to a webserver. The migration added a second rule below that with "reflexive" in the name. That rule has zero hits. 
 Shouldn't NAT be stateful? E.g. if I have an incoming DNAT rule, the reply traffic should be matched to the session and natted back automatically? Why would I have to add these weird reflexive rules? 
 I am completely and utterly confused.

LuCar Toni · Accepted Answer

NAT is stateful. But Reflexive NAT is something else! 
 
 Stateful: A talks to B. While this conversation, Bs reply packets are allowed to travel to A. 
 Reflexive: A Talks to B. B is allowed to Build a new conversation to A with the same firewall rule. 
 
 Basically i would not recommend to use Reflexive in the field. You should configure the Firewall Rule set properly. 
 
 Maybe your Reflexive Rule is never used because your Destination never builds an own traffic stream? 
 Or: The Destination (B in our Example) has another firewall /NAT Rule on Top, which pick up the traffic? 
 Check the Policy Test Tool, if B can reach A with another Rule.