Try to understand ASA/PIX traffic order.
For example, inbound traffic (non management traffic) will go through flow check, inbound access-list, nat , filter, outbound access-list, etc.
And if it's returned traffic and session is existed, what the firewall will do next? Simply bypass access-list but still apply NAT? Anything else the firewall will do?
Please share your thought. Thanks.