Inside-to-Outside
If IPSec then check input Access list
decryption - for CET (Cisco Encryption Technology) or IPSec
check input access list
check input rate limits
input accounting
inspect
policy routing
routing
redirect to web cache
NAT inside to outside (local to global translation)
crypto (check map and mark for encryption)
check output access list
inspect
tcp intercept
encryption
Outside-to-Inside
If IPSec then check input access list
decryption - for CET or IPSec
check input access list
check input rate limits
input accounting
inspect
NAT outside to inside (global to local translation)
policy routing
routing
redirect to web cache
crypto (check map and mark for encryption)
check output access list
inspect
tcp intercept
encryption
FW:nat 的TCP负载均衡
配nat tcp loadbanlancing 是否一定要配虚拟机呢?
FW:一般来说,需要定义的
用访问列表定义好你的虚拟IP,然后通过NAT定义真实的IP池