cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
635
Views
0
Helpful
1
Replies

nat order of operation on a PIX 6.3 or higher

thetone69
Level 1
Level 1

Hi folks,

whats the order of operation when it nats, acl and routes.

When it comes to routing are you routing the pre-nat address or the nat'd address?

Anything to clear it up would be appreciated. Does it work the same way as the router?

Cheers

Tony

1 Reply 1

abinjola
Cisco Employee
Cisco Employee

Here is the order :-

1. Recieve Packet.

2. Existing Connection?

3. Permit by Inbound ACL on interface?

4. Match translation rule (nat, static).

5. NAT embedded IP and perform security checks / randomize sequence number.

6. NAT IP header.

7. Pass packet to outgoing interface.

8. Layer 3 route lookup?

9. Layer 2 next hop?

10. Transmit packet.

hope it helps !

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: