Inside to Outside
- If IPsec, check input access list
- Decryption for CET (Cisco Encryption Technology) or IPsec
- Check input access list
- Check input rate limits
- Input accounting
- Inspect
- Policy routing
- Routing
- Redirect to web cache
- NAT inside to outside (local-to-global translation)
- Crypto (check map and mark for encryption)
- Check output access list
- Inspect
- TCP intercept
- Encryption
- If IPsec, check input access list
- Decryption for CET or IPsec
- Check input access list
- Check input rate limits
- Input accounting
- Inspect
- NAT outside to inside (global-to-local translation)
- Policy routing
- Routing
- Redirect to web cache
- Crypto (check map and mark for encryption)
- Check output access list
- Inspect
- TCP intercept
- Encryption
Notice the reverse of routing and natting depending on the flow of the traffic
No comments:
Post a Comment