07-21-2008 04:00 AM - edited 03-03-2019 10:49 PM
I need to create a VRF on a Bastion router for management..can someone direct on how I should proceed? I have a physical connection to the Bastion switch and I am not sure how I should proceed with a VRF to only allow the management vlan to be seen..
greatly appreciate the help
07-21-2008 05:23 AM
Suppose the router interfaces are
f0/0 - Connecting to Internet - 20.0.0.1/24
f0/1 - insideLAN - 10.0.0.1/24
f0/2 - Management - 172.16.20.1/24
your PC - 172.16.20.2
For the Management just configure the int f0/2 with ip 172.16.20.1 and your PC should be connected to this port for Management.
( If you are using switch , create a seperate VLAN for accomodating Router f0/ 2 and your PC)
then create a VRF VR1 and allocate the interfaces f0/0 and f0/1
Router(config)#ip vrf VR1
Router(config-vrf)#rd 100:100
Router(config)#int f0/0
Router(config-if)#no shut
Router(config-if)#ip vrf forwarding VR1
Router(config-if)#ip add 20.0.0.1 255.255.255.0
Router(config)#int f0/1
Router(config-if)#no shut
Router(config-if)#ip vrf forwarding VR1
Router(config-if)#ip add 10.0.0.1 255.255.255.0
Routing :
Default route towards ISP GW
Router(config)#ip route vrf VR1 0.0.0.0 0.0.0.0
Hope this helps.
07-21-2008 05:37 AM
this is excellent!!! I'll give it a try..thank you very much
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: