VRF Question

benolyndav · ‎01-11-2021

Hi

Our service provider has configured 3 vrf's on their interface connecting to our network, we have a L3 peering with them and all fine with this, but these new vrf's are L2 not part of any routing so how can I put a Firewall in the path somewhere inside our Lan to control access to a Server we will be adding to new vrf, its confusing because the gateway for the vrf ,s are obviously on the provider Router.???

balaji.bandi · ‎01-11-2021

Summarise you have 3 VRF Layer 3 and 2 VRF Layer 2

how are they terminating to you, do you have any small diagram to undertand how exiting one connected and how the new one connected ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

benolyndav · ‎01-11-2021

Hi

Attached as requested.

thanks

Georg Pauwen · ‎01-11-2021

Hello,

which firewall do you have (or plan on having) ? Most firewalls let you filter on layer 2 attributes such as MAC address as well...

benolyndav · ‎01-11-2021

Hi

I have attached a little diagram, my problem is users will come in to the network from the provider Router having treversed the vrf from remote sites the new server will have an IP Address in the vrf range on site which is mapped to vrf with vlan, so how do i controll access once requests are inside as its all L2.??

thanks

benolyndav · ‎01-11-2021

Hi Little diagram if it helps