diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc
index 668ed15f7..8fb71b1df 100644
--- a/src/etc/inc/filter.inc
+++ b/src/etc/inc/filter.inc
@@ -1529,7 +1529,7 @@ function filter_nat_rules_generate(&$FilterIflist)
 
             $tmp = explode('/', $srcaddr);
             $srcip = $tmp[0];
-            if (!empty($tmp[1]) && is_numeric($tmp[1])) {
+            if (!empty($tmp[1]) && is_numeric($tmp[1]) && strpos($target, '/') === false) {
                 $sn = $tmp[1];
                 $sn1 = "/{$sn}";
             }
@@ -1546,8 +1546,8 @@ function filter_nat_rules_generate(&$FilterIflist)
             } else {
                 $nat_if_list = array();
             }
-
-            $natrules .= "binat on {$natif} from {$srcaddr} to {$dstaddr} -> {$target}{$sn1}\n";
+            $nattype = empty($rule['type']) ? "binat" : $rule['type'];
+            $natrules .= "{$nattype} on {$natif} from {$srcaddr} to {$dstaddr} -> {$target}{$sn1}\n";
             if (!empty($nat_if_list)) {
                 $binat_if_list = implode(" ", $nat_if_list);
                 $binat_if_list = "{ {$binat_if_list} }";
diff --git a/src/www/firewall_nat_1to1.php b/src/www/firewall_nat_1to1.php
index 15866b74a..493db60e9 100644
--- a/src/www/firewall_nat_1to1.php
+++ b/src/www/firewall_nat_1to1.php
@@ -226,7 +226,7 @@ $main_buttons = array(
                       <?=htmlspecialchars(convert_friendly_interface_to_friendly_descr(isset($natent['interface']) ? $natent['interface'] : "wan"));?>
                     </td>
                     <td>
-                      <?=isset($natent['external']) ? $natent['external'] : "";?><?=isset($natent['source']) ? strstr(pprint_address($natent['source']), '/') : "";?>
+                      <?=isset($natent['external']) ? $natent['external'] : "";?><?=isset($natent['source']) && strpos($natent['external'], '/') === false ? strstr(pprint_address($natent['source']), '/') : "";?>
 <?php                 if (isset($natent['external']['address']) && is_alias($natent['external']['address'])): ?>
                       &nbsp;<a href="/firewall_aliases_edit.php?name=<?=htmlspecialchars($natent['external']['address']);?>"><i class="fa fa-list"></i> </a>
 <?php                 endif; ?>
diff --git a/src/www/firewall_nat_1to1_edit.php b/src/www/firewall_nat_1to1_edit.php
index 523f1805f..3989ee79b 100644
--- a/src/www/firewall_nat_1to1_edit.php
+++ b/src/www/firewall_nat_1to1_edit.php
@@ -47,9 +47,10 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
     $pconfig['interface'] = "wan";
     $pconfig['src'] = 'lan';
     $pconfig['dst'] = 'any';
+    $pconfig['type'] = 'binat';
     if (isset($configId)) {
         // copy settings from config
-        foreach (array('disabled','interface','external','descr','natreflection') as $fieldname) {
+        foreach (array('disabled','interface','external','descr','natreflection', 'type') as $fieldname) {
           if (isset($a_1to1[$configId][$fieldname])) {
               $pconfig[$fieldname] = $a_1to1[$configId][$fieldname];
           } else {
@@ -100,8 +101,14 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
 
 
     /* For external, user can enter only ip's */
-    if (!empty($pconfig['external']) && !is_ipaddr($_POST['external'])) {
-        $input_errors[] = gettext("A valid external subnet must be specified.");
+    $tmpext = explode('/', $pconfig['external']);
+    //print_r($tmpext);echo $pconfig['srcmask'] ;die;
+    if (!empty($pconfig['external'])) {
+        if ($pconfig['type'] == 'binat' && (!is_ipaddr($tmpext[0]) || (count($tmpext) != 1 && $pconfig['srcmask'] != $tmpext[1]))) {
+            $input_errors[] = gettext("A valid external subnet must be specified.");
+        } elseif ($pconfig['type'] == 'nat' && !is_subnet($pconfig['external'])) {
+            $input_errors[] = gettext("A valid external subnet must be specified.");
+        }
     }
     /* For src, user can enter only ip's or networks */
     if (!is_specialnet($pconfig['src']) && !is_ipaddroralias($pconfig['src'])) {
@@ -124,6 +131,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
         $natent['external'] = $pconfig['external'];
         $natent['descr'] = $pconfig['descr'];
         $natent['interface'] = $pconfig['interface'];
+        $natent['type'] = $pconfig['type'];
 
         // copy form data with some kind of logic in it
         $natent['disabled'] = isset($_POST['disabled']) ? true:false;
@@ -255,19 +263,36 @@ include("head.inc");
                     </td>
                   </tr>
                   <tr>
-                    <td><a id="help_for_external" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("External subnet IP"); ?></td>
+                    <td><a id="help_for_type" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Type"); ?></td>
                     <td>
-                      <input name="external" type="text" value="<?=$pconfig['external'];?>" />
-                      <br />
-                      <div class="hidden" for="help_for_external">
-                        <?=gettext("Enter the external (usually on a WAN) subnet's starting address for the 1:1 mapping.");?><br />
-                        <?=gettext("The subnet mask from the internal address below will be applied to this IP address."); ?><br />
-                        <?=gettext("Hint: this is generally an address owned by the router itself on the selected interface."); ?>
+                      <select name="type" class="selectpicker" data-width="auto">
+                          <option value="binat" <?=$pconfig['type'] == 'binat' || empty($pconfig['type']) ? "selected=\"selected\"" : ""; ?>>
+                            <?=gettext("BINAT");?>
+                          </option>
+                          <option value="nat" <?=$pconfig['type'] == 'nat' ? "selected=\"selected\"" : ""; ?>>
+                            <?=gettext("NAT");?>
+                          </option>
+                      </select>
+                      <div class="hidden" for="help_for_type">
+                        <?=gettext("Select BINAT (default) or NAT here, when nets are equally sized binat is usually the best option.".
+                                   "Using NAT we can also map unequal sized networks.");?><br />
+                        <?=gettext("A BINAT rule specifies a bidirectional mapping between an external and internal network and can be used from both ends, nat only applies in one direction.");?>
                       </div>
                     </td>
                   </tr>
                   <tr>
-                      <td><a id="help_for_src_invert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Internal IP") . " / ".gettext("Invert");?> </td>
+                    <td><a id="help_for_external" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("External network"); ?></td>
+                    <td>
+                      <input name="external" type="text" value="<?=$pconfig['external'];?>" />
+                      <div class="hidden" for="help_for_external">
+                        <?=gettext("Enter the external subnet's starting address for the 1:1 mapping or network.");?><br />
+                        <?=gettext("The subnet mask from the internal address below will be applied to this IP address, when none is provided."); ?><br />
+                        <?=gettext("This is the address or network the traffic will translate to/from.");?>
+                      </div>
+                    </td>
+                  </tr>
+                  <tr>
+                      <td><a id="help_for_src_invert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Source") . " / ".gettext("Invert");?> </td>
                       <td>
                         <input name="srcnot" type="checkbox" id="srcnot" value="yes" <?= !empty($pconfig['srcnot']) ? "checked=\"checked\"" : "";?> />
                         <div class="hidden" for="help_for_src_invert">
@@ -276,7 +301,7 @@ include("head.inc");
                       </td>
                   </tr>
                   <tr>
-                      <td><a id="help_for_src" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Internal IP"); ?></td>
+                      <td><a id="help_for_src" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Source"); ?></td>
                       <td>
                         <table class="table table-condensed">
                           <tr>
@@ -313,7 +338,7 @@ include("head.inc");
                         </tr>
                       </table>
                       <div class="hidden" for="help_for_src">
-                        <?=gettext("Enter the internal (LAN) subnet for the 1:1 mapping. The subnet size specified for the internal subnet will be applied to the external subnet."); ?>
+                        <?=gettext("Enter the internal subnet for the 1:1 mapping. The subnet size specified for the source will be applied to the external subnet, when none is provided."); ?>
                       </div>
                     </td>
                   </tr>