nat order of operation on a PIX 6.3 or higher

Unanswered Question
Oct 22nd, 2008

Hi folks,

whats the order of operation when it nats, acl and routes.

When it comes to routing are you routing the pre-nat address or the nat'd address?

Anything to clear it up would be appreciated. Does it work the same way as the router?

Cheers

Tony

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
abinjola Wed, 10/22/2008 - 04:22

Here is the order :-

1. Recieve Packet.

2. Existing Connection?

3. Permit by Inbound ACL on interface?

4. Match translation rule (nat, static).

5. NAT embedded IP and perform security checks / randomize sequence number.

6. NAT IP header.

7. Pass packet to outgoing interface.

8. Layer 3 route lookup?

9. Layer 2 next hop?

10. Transmit packet.

hope it helps !

Actions

This Discussion