Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

nat order of operation on a PIX 6.3 or higher

Hi folks,

whats the order of operation when it nats, acl and routes.

When it comes to routing are you routing the pre-nat address or the nat'd address?

Anything to clear it up would be appreciated. Does it work the same way as the router?

Cheers

Tony

1 REPLY
Cisco Employee

Re: nat order of operation on a PIX 6.3 or higher

Here is the order :-

1. Recieve Packet.

2. Existing Connection?

3. Permit by Inbound ACL on interface?

4. Match translation rule (nat, static).

5. NAT embedded IP and perform security checks / randomize sequence number.

6. NAT IP header.

7. Pass packet to outgoing interface.

8. Layer 3 route lookup?

9. Layer 2 next hop?

10. Transmit packet.

hope it helps !

295
Views
0
Helpful
1
Replies