
VRFs through routed FWSM?

davidjohnmeier
Level 1

OK, so I have an interesting situation. I have an architecture that has 4 6509s in it and they're all interconnected in a cross hatch / direct link manner, so I have complete redundancy. The top (we'll call the Core) pair have an FWSM in them. Above the cores is a L2 environment which we can ignore. My problem is that the core and bottom pair of 6509s (we'll call the Access) are all participating in multiple VRFs together using OSPF as the routing protocol. My problem is this:

(VRF1) Access --> FWSM --> (VRF1) Core

From what I can tell there's no way to preserve the VRF across the FWSM in routed mode. The reason why I'd like to keep it routed is because within VRF1 I have multiple VLANs. And I'd like to separate traffic between those VLANs using multiple SVIs on the FWSM.

Anybody have any ideas of how I can get the VRF through the routed firewall, preserving it and not breaking OSPF?

TIA!!!

1 Reply

hadbou
Level 5

In routed mode, the FWSM is considered to be a router hop in the network. It can use OSPF or passive RIP (in single context mode). Routed mode supports many interfaces, and each interface is on a different subnet. You can share interfaces between contexts, with some limitations.

Refer to the following URL for more info on configuring FWSM in routed mode:

http://www.cisco.com/en/US/docs/security/fwsm/fwsm40/configuration/guide/fwmode_f.html#wp1001958
