Separate routing processes on 6506E switch

Unanswered Question
Dec 19th, 2008
User Badges:

Hi all,


I have a 6506E switch with multiple VLAN's. I need to interconnect 2 groups of VLAN's via a PIX 525E running 6.2 so can't subinterface. Is it possible to run a routing process on the 6506E for vlans's a-c and another also on the 6506E for vlan's d-f allowing the firewall to control access between the groups? By default the 6506E routes all the connected vlans a-f together which circumvents the firewall.

TIA Zac

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 12/19/2008 - 07:12
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Zac


Yes you can do this using VRF-lite -


http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/46sg/configuration/guide/vrf.html


I know this doc is for the 4500 but it works on the 6500, i can just never fine the doc for that.


Vrf-lite will allow you to have 2 completely separate routing and forwarding tables one for vlan a-c (vrf1) and one for vlans d - f (vrf2).


Assuming you are using 2 interfaces on the pix you would then allocate ports that the interfaces connect into on the 6500 as either vrf1 or vrf2.


Jon

zac.quinn Tue, 03/17/2009 - 07:33
User Badges:

Apologies for not getting back to you. Many thanks for the info but in the end the topology changed so this was no longer required and I forgot I'd even asked the question!!!

Actions

This Discussion