Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

IOS FW Order of operation for NAT & Inspection

Can someone answer the questions on the text file? It is just an order of operation question on the IOS FW.

1 REPLY
Cisco Employee

Re: IOS FW Order of operation for NAT & Inspection

From ingress to egress:

stateless IOS IPS -> IPSec decryption -> auth proxy -> input ACL -> virtual fragment inspection -> NAT before routing -> routeing -> NAT after routing -> stateful IOS IPS -> outbound ACL -> ISO FW -> IPSec encryption

HTH.

Alex Yeung

368
Views
0
Helpful
1
Replies