Bridging a WAN and a LAN interface and using VRFs

Unanswered Question
Dec 19th, 2007

Say I have a router with an Internal Company WAN, and a Internal Company LAN interfaces - these are associated with VRF "internal". I also have and External Internet WAN and an External Internet LAN interfaces associated with VRF "internet".

Is there any way I can get the two interfaces associated with the "internet" VRF to pass traffic from WAN to LAN transparently, and thereby enabling me to avoid configuring an IP address on either interface and hence reducing security exposure? I would rather not use ACLs or access-classes and route but pass internet traffic straight trough to an internal firewall, essentially by bridging the two interfaces.

Thanks in advance, Nik.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
royalblues Wed, 12/19/2007 - 01:48

You cannot have 2 VRFs associated with a single interface.

What you can do is probably leak a default route for the internet on the internal VRF or import the route-targets as necessary



nsheridan Wed, 12/19/2007 - 01:53

Sorry - I meant say i have a pair of interfaces, one pair assigned to VRF "internet" and another pair "internal". I want to get the internet interfaces to pass layer 2.


This Discussion