BVC
Beginner

Cisco FTD static route leaking

I have an upcoming project that requires the configuration of an FTD. I'm new to FTD, so this will be a learning curve. From the research I've done, you can create static route leaking from one VRF to another VRF on the FTD. Does this route leak create a static route in the routing table for each VRF that has route leaking configured? If so, can you then advertise this static route out of the FTD to another device via BGP, or any other routing protocol?

Any help will be greatly appreciated.
1 ACCEPTED SOLUTION

balaji.bandi
VIP Master

VRF means 2 different virtual routing tables. You can leak the route from one to another or to the GRT. Once they are in the GRT, you can redistribute to the outside or other networks.

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/fdm/fptd-fdm-config-guide-660/fptd-fdm-virtual-routers.html

BB


Hi, thank you very much for the answer. You say once they are in the GRT table they can be redistributed. Is this possible for leaking between two user-defined VRFs, or is this only allowed for just one user-defined VRF and the global routing table?

Once they are in the GRT, you can do whatever you want.

If you would like to leak VRF to VRF, export and import is a good idea.

BB


Okay, so I could leak from a user VRF into the GRT, then into another user VRF? Or can you leak from one user VRF into another user VRF, completely avoiding the GRT? Can you use export and import on the FTD to leak routes?

Look at this document, which may help you (with VRF Lite you can leak the route between VRFs):

https://www.cisco.com/c/en/us/td/docs/security/firepower/660/configuration/guide/fpmc-config-guide-v66/virtual-routing-for-firepower-threat-defense.html#id_99432

BB


Ok, thank you very much for your help. 
