Hi all, i did a lot of search about the following case and it is not
clear to me what are the facts. I need to bind about 10 VRF to the central router (MSFC) in a 6513 with 720G sup.
The objectives is to do as illustrate in the Figure B 5 Example 5 of this Cisco Document : http://www.cisco.com/en/US/docs/security/fwsm/fwsm32/configuration/guide/exampl_f.html#wp1047426
The doc is not specifiying bottom router are physical. So we would like to to the same thing but with VRF for each customer. The question is 'How establish the connectivity between a VRF and the router (MSFC), in order to place a transparent FW context (in FWSM in the same chassis) between the VRF and the MSFC.
We need transparent because behind some customer VRF there will be a WAN with dynamic routing (which is not supported in routed Firewall in multi-context mode).
Any tips would be appreciated.
Probably we could plug a wire in the switch and 'connect' the VRF and a routed port but it is not very attractive !
I understand i can do Route Leaking between VRF with BGP, but this way we couldn't place transparent FW....