cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
790
Views
1
Helpful
2
Replies

ASA Packet processing prior 8.2 & afterward 8.2?

zaydiip
Level 1
Level 1

Hello Everyone,

I am new to the world of Cisco, so can someone help me out to find the difference between packet process prior 8.2 & afterward 8.2.

Prior and till 8.2:  ACL is hit first then NAT is applied because NAT is software based and its quite slow. So to improve efficiency traffic is first filtered out by ACL.

Afterward 8.2: NAT is applied first and then ACL is hit because NAT is hardware based and its fast as compared to software-based NAT.

Are these are the only difference between them?


Please correct me if i am wrong.

2 Replies 2

Jason Gervia
Cisco Employee
Cisco Employee

There's a good diagram in this thread on the learning network:

ASA order of operations (pre-8.3 and post 8.3) - 46543 - The Cisco Learning Network

Hi Jason,

Thanks for the reply.

Actually, i am curious about the Hardware/Software part about the NAT.

So is it true or just a rumor that:


Prior and till 8.2:  ACL is hit first then NAT is applied because NAT is software based and its quite slow. So to improve efficiency, traffic is first filtered out by ACL.

Afterward 8.2: NAT is applied first and then ACL is hit because NAT is hardware based and its fast as compared to software-based NAT

?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: