Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi @Paul M1 1. You cannot have overlapping subnet between VLAN and Loopbacks2. You can use static routing (more easy) or OSPF per VRF. You need routing to and from security layer.Hope you found this helpful!** Please mark helpful answers & solutions ...
Hi, @munroe Why do you say that the route is coming from a different path?Type-3 LSA does not carry next-hop information. The router installs the IA route by running SPF toward the advertising ABR and uses the first hop on that SPF path as the next-h...
Why do you have all that "tacacs source-interface" comands? and why the interface MgmtEth0/RSP0/CPU0/0 is not configured with Mgmt-intf vrf? If you must use an interface in Mgmt-intf VRF also ensure that Mgmt-intf VRF has a route to TACACS server.
Hello @qumarce-habibzadeh Dynamic NAT only allows DMZ to Outside. Outside to DMZ requires static NAT. ACLs alone won’t fix it. Configure static NAT for DMZ hosts you want reachable from the Internet and ensure ACLs permit desired traffic.Hope you fo...
