Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
718
Views
0
Helpful
1
Replies

IOS FW Order of operation for NAT & Inspection

markbowman
Level 1
Level 1

‎07-29-2009 03:28 AM - edited ‎03-11-2019 09:00 AM

Can someone answer the questions on the text file? It is just an order of operation question on the IOS FW.

Labels:
Preview file
11 KB
0 Helpful
1 Reply 1

Alex Yeung
Cisco Employee
Cisco Employee

‎07-29-2009 09:29 AM

From ingress to egress:

stateless IOS IPS -> IPSec decryption -> auth proxy -> input ACL -> virtual fragment inspection -> NAT before routing -> routeing -> NAT after routing -> stateful IOS IPS -> outbound ACL -> ISO FW -> IPSec encryption

HTH.

Alex Yeung

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card