Where does the TCP 3-way handshake happen when NAT is involved?

Hello Justin

Scott’s explanation is essentially correct. Every time a communication occurs from the Internet over the NAT router to the web server, a NAT translation occurs. This is the case whether the communication is the first transmission of a three-way TCP handshake or the sending of email data or just a ping. The content of the communication doesn’t matter, the translation will occur.

So when the initial communication of the TCP 3-way handshake arrives at the NAT router, the destination address is translated from the outside address to the inside address of the web server. The web server responds with the source address being translated when it traverses the NAT router, and the third part of the handshake is once again translated on its way in. Each part of the handshake is translated just like any other packet that will traverse the NAT router.

A NAT router will not keep track of TCP connections. It will only keep track of translations.

I hope this has been helpful!

Laz

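The translation sequence described in the answer above, as an added example that is not part of the original post: a minimal model of a one-to-one static NAT that passes the three handshake packets and shows that the router only rewrites addresses, so a lone ACK with no preceding SYN is translated as well and any filtering has to come from a separate ACL or stateful firewall. The addresses, the `Packet` and `StaticNat` names and the `hits` counter are assumptions made for illustration.

```python
from dataclasses import dataclass, replace

# Constructed addresses from documentation ranges; not from the original post.
CLIENT = "198.51.100.7"    # host on the Internet
OUTSIDE = "203.0.113.10"   # outside (public) address of the web server
INSIDE = "192.168.1.10"    # inside (private) address of the web server

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str        # "tcp" or "icmp"
    flags: str = ""   # TCP flags; the translator never reads them

class StaticNat:
    """Hypothetical one-to-one static NAT: rewrites addresses, keeps no TCP state."""
    def __init__(self, mappings):
        self.out_to_in = dict(mappings)                       # outside -> inside
        self.in_to_out = {v: k for k, v in mappings.items()}  # inside -> outside
        self.hits = 0                                         # translations performed

    def inbound(self, pkt):
        """Internet -> inside: translate the destination address."""
        if pkt.dst not in self.out_to_in:
            return None               # no translation entry, nothing to deliver inside
        self.hits += 1
        return replace(pkt, dst=self.out_to_in[pkt.dst])

    def outbound(self, pkt):
        """Inside -> Internet: translate the source address."""
        if pkt.src not in self.in_to_out:
            return pkt                # no entry: leaves untranslated
        self.hits += 1
        return replace(pkt, src=self.in_to_out[pkt.src])

def handshake(nat):
    """Pass SYN, SYN-ACK and ACK through the router; return each packet after NAT."""
    syn = nat.inbound(Packet(CLIENT, OUTSIDE, "tcp", "SYN"))
    synack = nat.outbound(Packet(INSIDE, CLIENT, "tcp", "SYN,ACK"))
    ack = nat.inbound(Packet(CLIENT, OUTSIDE, "tcp", "ACK"))
    return [syn, synack, ack]

if __name__ == "__main__":
    nat = StaticNat({OUTSIDE: INSIDE})
    for pkt in handshake(nat):
        print(pkt)
    # A ping and an out-of-sequence ACK are translated exactly like the handshake.
    print(nat.inbound(Packet(CLIENT, OUTSIDE, "icmp")))
    print(StaticNat({OUTSIDE: INSIDE}).inbound(Packet(CLIENT, OUTSIDE, "tcp", "ACK")))
```

The handshake itself completes between the client and the web server; the router in this model appears only as the point where the addresses change.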