cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
715
Views
0
Helpful
1
Replies

IOS FW Order of operation for NAT & Inspection

markbowman
Level 1
Level 1

Can someone answer the questions on the text file? It is just an order of operation question on the IOS FW.

1 Reply 1

Alex Yeung
Cisco Employee
Cisco Employee

From ingress to egress:

stateless IOS IPS -> IPSec decryption -> auth proxy -> input ACL -> virtual fragment inspection -> NAT before routing -> routeing -> NAT after routing -> stateful IOS IPS -> outbound ACL -> ISO FW -> IPSec encryption

HTH.

Alex Yeung

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: