Help me to understand this mysterious question too!

Amr Ali
Level 1

Hello dears,

Sorry for the inconvenience, I am looking for help as I am a little junior.

------------------------------------------------

The picture of the question is in the attachment.

Q - NAT overload is enabled on R1. Which statement is true when host A communicates with the web server?

A. Host A uses 209.165.200.198 as the destination address and 3648 as the destination port when sending packets to the web server.

B. The web server uses 209.165.200.226 as the destination address and 80 as the destination port when sending packets to host A.

C. The web server uses 209.165.200.225 as destination address and 3648 as the destination port when sending packets to host A.

D. Host A uses 192.168.25.254 as the destination address and 80 as the source port when sending packets to the web server.

From where did he get this IP, 209.165.200.225, and why does he use it as a destination address? The same for port 3648.

Cheers

Accepted Solutions

Bilal Nawaz
VIP Alumni

Hello Amr,
When doing NAT overload AKA NAT PAT (port address translation) as well as other types of NAT you can specify a pool of addresses. This can include 209.165.200.225 and .226 also. Or even more if configured to do so.
As long as the traffic is routed back correctly it will work. This happens in quite a few cases where companies own address ranges and select a pool to use out of the address range for Internet bound traffic.

C. The web server uses 209.165.200.225 as destination address and 3648 as the destination port when

The host sends a request to its default gateway to get to the webserver on port 80, coming from port 3648.

Router receives this request and processes the routing. After routing has taken place, NAT operation takes place (outbound)

1) NAT/PAT inspects traffic and matches it to a translation rule.
2) Rule matches to a PAT configuration.
3) If PAT knows about the traffic type and if that traffic type has "a set of specific ports or ports it negotiates" that it will use, PAT sets them aside and does not allocate them as unique identifiers.
4) If a session with no special port requirements attempts to connect out, PAT translates the IP source address and checks availability of the originated source port (433, for example).
Note: For Transmission Control Protocol (TCP) and User Datagram Protocol (UDP), the ranges are: 1-511, 512-1023, 1024-65535. For Internet Control Message Protocol (ICMP), the first group starts at 0.
5) If the requested source port is available, PAT assigns the source port, and the session continues.
6) If the requested source port is not available, PAT starts searching from the beginning of the relevant group (starting at 1 for TCP or UDP applications, and from 0 for ICMP).
7) If a port is available it is assigned, and the session continues.
********* USING A NAT POOL ********
8) If no ports are available in the relevant group on the first IP address, NAT moves on to the next IP address in the pool and tries to allocate the original source port requested.
9) If the requested source port is available, NAT assigns the source port and the session continues.
10) If the requested source port is not available, NAT starts searching from the beginning of the relevant group (starting at 1 for TCP or UDP applications, and from 0 for ICMP).
11) If a port is available, it is assigned and the session continues.
12) If no ports are available, the packet is dropped, unless another IP address is available in the pool.

Router then keeps a NAT table and translates the request from the host to the server.
Router sends the packets to the web server with destination IP of the web server, the destination port is 80 as requested by the host. But the source is translated to its IP 209.165.200.225 that it used from the NAT pool and the port also. So the source port here is 3648.

The web server gets this packet and says, okay I need to reply back, so it came from
IP 209.165.200.225
Port 3648

So it responds with a destination IP of 209.165.200.225 and destination Port of 3648.

The router receives this and a NAT table lookup takes place; it sees the matching entry for the packet.

Coming from the web server, to one of our IP addresses used in the pool on the port that we requested from, then the router knows, it was for host. And is then forwarded correctly.

Please see the bottom of this link
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_q_and_a_item09186a00800e523b.shtml

Hope this explains well.

Sent from Cisco Technical Support iPhone App

Please rate useful posts & remember to mark any solved questions as answered. Thank you.
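
Added example, not part of the original post and not Cisco's implementation: a simplified Python model of the port allocation steps and the return-path table lookup described in the answer above. The class name `Pat`, the inside addresses 10.0.0.10 and 10.0.0.11, and keying the table without the remote endpoint are assumptions; only TCP/UDP port groups are modelled.

```python
# Added illustration: simplified model of PAT (NAT overload) port allocation.
# Inside host addresses are constructed sample values, not taken from the question.
GROUPS = [(1, 511), (512, 1023), (1024, 65535)]  # TCP/UDP port groups from the post


class Pat:
    def __init__(self, pool):
        self.pool = list(pool)
        self.out = {}   # (proto, inside_ip, inside_port) -> (global_ip, global_port)
        self.back = {}  # (proto, global_ip, global_port) -> (inside_ip, inside_port)

    def _pick_port(self, proto, gip, want):
        """Keep the original port if free, else scan its group from the start."""
        lo, hi = next(g for g in GROUPS if g[0] <= want <= g[1])
        for port in [want, *range(lo, hi + 1)]:
            if (proto, gip, port) not in self.back:
                return port
        return None  # group exhausted on this pool address

    def outbound(self, proto, src_ip, src_port):
        """Translate the source of an inside->outside packet; None means drop."""
        key = (proto, src_ip, src_port)
        if key in self.out:
            return self.out[key]
        for gip in self.pool:  # move to the next pool address only when needed
            port = self._pick_port(proto, gip, src_port)
            if port is not None:
                self.out[key] = (gip, port)
                self.back[(proto, gip, port)] = (src_ip, src_port)
                return gip, port
        return None

    def inbound(self, proto, dst_ip, dst_port):
        """Map a reply's destination back to the inside host; None means no entry."""
        return self.back.get((proto, dst_ip, dst_port))


def demo():
    nat = Pat(["209.165.200.225", "209.165.200.226"])
    a = nat.outbound("tcp", "10.0.0.10", 3648)   # host A (constructed inside address)
    b = nat.outbound("tcp", "10.0.0.11", 3648)   # second host, same source port
    reply = nat.inbound("tcp", *a)               # web server replies to a's global pair
    stray = nat.inbound("tcp", "209.165.200.225", 4444)  # no matching entry
    return a, b, reply, stray


if __name__ == "__main__":
    print(demo())
```

Host A keeps source port 3648 on 209.165.200.225, so the web server's reply is addressed to that pair; the second host collides on 3648 and is given the first free port in the same group.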

2 Replies

thanks Mr. Bilal but can you be more simple