02-23-2022 06:41 AM
Hello, could you please explain what needs to be done to make this situation work properly? The company has implemented network segmentation using VRF. All traffic from VRF goes through pfSense. I want to make a GRT leak to VRF. I did a VRF receive command. It works well: I can access internal IP addresses from an external VLAN, but when I want to access a web that has a mapped external IP 1:1 on the pfSense, I can't access it. When I run the tracert command, it does not know where that external IP address is located. Could you help me, please?
02-23-2022 06:51 AM
Hi
What device is connected to pfSense?
One more question. If all VRFs terminate on the firewall, it means that the routing should be done on the firewall. If you leak VRF, you are bypassing the firewall. Is that OK?
02-23-2022 09:00 AM
There is a Cisco modular switch connected to two different pfSenses. The network topology looks similar to this one:
All VLANs, global and private, are on the Cisco C6807-XL.
02-23-2022 09:19 AM
Your attachment did not work. Attach as a file, please. It is important to see the topology.
02-23-2022 09:31 AM