Wednesday, November 10, 2010

Cisco PIX/ASA order of operations for NAT

From this page on cisco.com:

inside-to-outside:

* If IPSec, then check input access list
* Decryption—for Cisco Encryption Technology (CET) or IPSec
* Check input access list
* Check input rate limits
* Input accounting
* Policy routing
* Routing
* Redirect to Web cache
* NAT inside to outside (local to global translation)
* Crypto (check map and mark for encryption)
* Check output access list
* Inspect context-based access control (CBAC)
* TCP intercept
* Encryption

outside-to-inside:

* If IPSec, then check input access list
* Decryption—for CET or IPSec
* Check input access list
* Check input rate limits
* Input accounting
* NAT outside to inside (global to local translation)
* Policy routing
* Routing
* Redirect to Web cache
* Crypto (check map and mark for encryption)
* Check output access list
* Inspect CBAC
* TCP intercept
* Encryption
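As an added example (not from the post or from Cisco's page), a small Python model of the two orderings above, reduced to the stages that matter for address matching: it records which source and destination addresses the input access list, routing and the output access list evaluate in each direction, so the effect of NAT running after routing inside-to-outside but before routing outside-to-inside is visible. The NAT table entries are constructed sample values.

```python
from dataclasses import dataclass, field

# Constructed sample static translation (local <-> global); not from the page.
NAT_TABLE = {"10.1.1.10": "203.0.113.10"}
REVERSE_NAT = {g: l for l, g in NAT_TABLE.items()}


@dataclass
class Packet:
    src: str
    dst: str
    trace: list = field(default_factory=list)  # (stage, src, dst) per stage


def nat_inside_to_outside(pkt):
    """Local-to-global: rewrite the source address."""
    pkt.src = NAT_TABLE.get(pkt.src, pkt.src)


def nat_outside_to_inside(pkt):
    """Global-to-local: rewrite the destination address."""
    pkt.dst = REVERSE_NAT.get(pkt.dst, pkt.dst)


def record(name):
    """Stage that only notes the addresses it would evaluate (ACL, routing)."""
    def stage(pkt):
        pkt.trace.append((name, pkt.src, pkt.dst))
    return stage


# Stage order taken from the two lists above, keeping only address-sensitive steps.
INSIDE_TO_OUTSIDE = [record("input ACL"), record("routing"),
                     nat_inside_to_outside, record("output ACL")]
OUTSIDE_TO_INSIDE = [record("input ACL"), nat_outside_to_inside,
                     record("routing"), record("output ACL")]


def addresses_seen(pipeline, src, dst):
    """Run a packet through the pipeline; return {stage: (src, dst)} as each stage saw it."""
    pkt = Packet(src, dst)
    for stage in pipeline:
        stage(pkt)
    return {name: (s, d) for name, s, d in pkt.trace}


if __name__ == "__main__":
    for name, pipeline, src, dst in [
        ("inside-to-outside", INSIDE_TO_OUTSIDE, "10.1.1.10", "198.51.100.5"),
        ("outside-to-inside", OUTSIDE_TO_INSIDE, "198.51.100.5", "203.0.113.10"),
    ]:
        print(name, addresses_seen(pipeline, src, dst))
```

The practical point: an input access list on the inside interface matches local addresses and the output list on the outside interface matches global ones, while for return traffic the outside input list sees the global address but routing already works on the local address.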

About Me

Regis has worked as a network engineer since 1994 for small companies and for large companies.