I'm trying to setup a dynamic nat 44 where once a client maps to a public IP, they can then receive unsolicited data back through the router. Currently it seems that they can only get data from established flows, but not from anything unsolicited (reverse flow). Since dynamic-nat44 assigns an entire IP to the client, can't it just allow data to flow back to the client? Is this a place I should use twice-dynamic-nat-44?
I'm using "dynamic-nat44" where I have a dynamic range of private IPs that will be NAT'd to a fixed range of public IPs (no PAT). The idea being once they are given an entire public IP, they can have full inbound and outbound communication on that public. Right now they get the public IP, but only established flows can receive inbound data. If i had to call it something else, what I'd want would be more like "dynamic 1:1 NAT".
I dont want to use basic-nat44 because that requires the source and translated pools to be the same size. I have a dynamic number of source/private IPs.