Val is correct, in fact I don't personally consider the NAT rulebase a "real" policy layer like all the others. You are confined to using host/network/range IP addresses along with port numbers (and groups of these) in NAT rules, and can't use most of the more advanced object types introduced later such as Access Roles, Security Zones, and Applications/URL Categories. Updatable Objects can be used in NAT rules, but only if they just consist of a list of IP addresses/networks.
New 2-day Live "Max Power" Series Course Now Available:
"Gateway Performance Optimization R81.20" at maxpowerfirewalls.com