Dear Experts,
I am going through routing on the ASA using the below document:
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html
can someone help me understand what the 3 bullets below are referencing
exactly? I would be very grateful for your help.
Egress Interface Selection Process
* 1. *If destination IP translating XLATE already exists, the egress
interface for the packet is determined from the XLATE table, but not from
the routing table.
* 2. *If destination IP translating XLATE does not exist, but a matching
static translation exists, then the egress interface is determined from the
static route and an XLATE is created, and the routing table is not used.
* 3. *If destination IP translating XLATE does not exist and no matching
static translation exists, the packet is not destination IP translated. The
security appliance processes this packet by looking up the route to select
egress interface, then source IP translation is performed (if necessary).
For regular dynamic outbound NAT, initial outgoing packets are routed using
the route table and then creating the XLATE. Incoming return packets are
forwarded using existing XLATE only. For static NAT, destination translated
incoming packets are always forwarded using existing XLATE or static
translation rules.
Thank You
-- KJ Blogs and organic groups at http://www.ccie.netReceived on Thu Aug 12 2010 - 12:44:15 ART
This archive was generated by hypermail 2.2.0 : Wed Sep 01 2010 - 11:20:52 ART