We have decided to run the central firewall for our customers using VRF. So below I have posted the VRF config for one company, this config is on our PPPoE Router.
Our PPPoE Router is connected to an Cisco ASA 5540, and the ASA nat`s the customers to the internet.
ip vrf Company1
route-target export 65520:1400
route-target import 65520:1400
encapsulation dot1Q 210
ip vrf forwarding Company1
ip address 192.168.5.10 255.255.255.0 secondary
ip address 10.16.1.40 255.255.255.248
no snmp trap link-status
address-family ipv4 vrf Company1
ip route vrf Company1 0.0.0.0 0.0.0.0 10.16.1.41
ip route vrf Company1 192.168.5.10 255.255.255.128 10.18.2.1
So the question now is :
1. is this configuration correct on the PPPoE Router ?? something I missed ??
2. now the question is, which parameters I need to configure in the radius server so the customers Router-Modem can receive it after he connect it to the pppoe router, usually the RADIUS gives the ip address to the customer, but in this case there is more info that RADIUS needs to assign to the customers router such as VRF info. So could someone please explain this to me ?? some example too ?
To configure a VPN routing and forwarding (VRF) instance and enter VRF configuration mode, use the vrf command in router configuration mode. To remove the VRF instance from the configuration file and restore the system to its default condition, use the no form of this command.
no vrf vrf-name
To use this command, you must be in a user group associated with a task group that includes the proper task IDs. For detailed information about user groups and task IDs.
Use the vrf command to configure a VRF instance. A VRF instance is a collection of VPN routing and forwarding tables maintained at the provider edge (PE) router.
Thank You for raply, but I think You misunderstod my question ?, I need to find out which parameters and which config the CUSTOMERS router should receive from our RADIUS server, because usually the customers receives the ip address from the RADIUS server when they connects to the our RADIUS, but now in case VRF they need more parameters, but which ???
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...