Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
676
Views
5
Helpful
2
Replies

DMZ Switch

benolyndav
Level 4
Level 4

ā€Ž10-03-2018 09:28 AM - edited ā€Ž03-10-2019 01:05 AM

Hi 

We have a DMZ with two 5500x Firewalls and a 3850 swicth connecting them is it possible to create vrf's for different services outbound to internet just on the switch and would that even make sense.??

Labels:
0 Helpful
2 Replies 2

Karsten Iwen
VIP
VIP

ā€Ž10-04-2018 05:26 AM

If "multiple services" means multiple DMZs, then it's very likely that you don't need VRFs. One VRF ist typically used for the Management-Port of the switch. The DMZs are (at least very often) only Layer2, which means you have the VLAN configured, but no VLAN-interface. And without a VLAN-interface there is no assigned VRF.

benolyndav
Level 4
Level 4
In response to Karsten Iwen

ā€Ž10-04-2018 11:21 AM

Thank you
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents