Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1140
Views
0
Helpful
6
Replies

VRF for Router Interface

Sue Matter
Level 1
Level 1

‎11-15-2012 11:45 AM - edited ‎03-04-2019 06:09 PM

We have a 2921 router and currently use 3 interfaces.

0 is external

1` is internal

2 is Wireless access point

Natting is set for the inside, but we use Citrix and need to allow users to get the external IP from interface 2    

It appears that VRF will do this and we can have access to the external IP from an inside port.  Can VRF be setup only on one iterface and have the other 2 interfaces use standard Natting?

Or do I need to reconfigure all the Natting to use VRF?

If this is possible, does anyone have an example of this setup just for one interface?

Has anyone else ever set this up specficially for Citrix routing to an external IP from the inside?

Thanks

Sue             

Labels:
0 Helpful
6 Replies 6

rais
Level 7
Level 7

‎11-16-2012 07:34 AM

A VRF can be created using a single interface. But what are you trying to achive...give access to someone on the Internet to a host on interface 2 of your router?

Thanks.

0 Helpful

Sue Matter
Level 1
Level 1
In response to rais

‎11-16-2012 07:50 AM

We have users connecting through the Wireless that is on interface 2 and they need access to an Internet address used for our Citrix connection.  This external IP is already Natted and when connected to interface 2 none of the Natted IP's are working from this interface.

Access will be limited to users that have connected through this interface and need to get to the same Internet address they use when they are not in the office.

0 Helpful

rais
Level 7
Level 7
In response to Sue Matter

‎11-16-2012 08:10 AM

Have you defined Intf 2 as inside as well. Please post your config.

Thanks.

0 Helpful

Sue Matter
Level 1
Level 1
In response to rais

‎11-16-2012 08:27 AM

We have it Natting to the inside for now, to allow Internet access.

interface GigabitEthernet0/0
description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$
ip address LANGateway 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp

ip nat inside
ip virtual-reassembly in

duplex auto
speed auto
no snmp trap link-status
no cdp enable
!
interface GigabitEthernet0/1

ip address ExternalIP 255.255.255.128
ip access-group 101 in
no ip redirects
no ip proxy-arp
ip flow ingress
ip flow egress
ip nat outside
ip virtual-reassembly in
ip verify unicast reverse-path

duplex auto
speed auto

no cdp enable
!
interface GigabitEthernet0/2
description $ETH-WAN$
ip address WirelessGateway 255.255.255.0
no ip redirects
no ip proxy-arp
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
no snmp trap link-status
no cdp enable

ip nat inside source list 150 interface GigabitEthernet0/1 overload
ip nat inside source static tcp  CitrixinsideIPAddress 443 CitrixOutsideIP 443 extendable


access-list 150 permit ip  internal_subnet 0.0.0.255 any
access-list 150 permit ip  wireless_subnet 0.0.0.255 any

0 Helpful

rais
Level 7
Level 7
In response to Sue Matter

‎11-16-2012 08:55 AM

You can have Cirtrix Server get a public IP address.

Thanks.

0 Helpful

Sue Matter
Level 1
Level 1
In response to rais

‎11-16-2012 09:01 AM

The Citrix server already has a public IP and the Citrix enviornment is already working and has been for several years.

The Wireless interface on this router and its connection to the Citrix External IP is not being routed properly due to the Natting needed on the other interfaces.

Has anyone used VRF on a Cisco router with Citrix for internal Wireless connections?

0 Helpful
Customers Also Viewed These Support Documents