INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

VRF Lite Configuration

VRF Lite Configuration

(OP)
Hi all,
attached you can find the scenario for which I need your help.
On Catalyst 4500 I have two vlans, for my two office network services. For each vlan I created a VRF Lite routing. Then I have other two vlans to interface with firewall.
My Issue is that I can't ping Access Box 172.28.2.1 from PC 172.27.1.109.
All the traffic has to pass throw the firewall, but it seems that it's not so, since if I perform a tracert from the PC 172.27.1.109 it stops at 172.27.1.1, that is its gateway, and not at firewall interface 172.105.1.4 as I would like to be.

Following are the configuration of the 4510 Core Switch:

ip vrf BN_A
description "vrf backbone A"
!
interface GigabitEthernet2/7
description --- Link to ASA_BN_A ---
switchport trunk allowed vlan 104
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet2/46
description --- Link to ASA COM ---
switchport trunk allowed vlan 105
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet3/9
description -- Link to Switch 172.27.65.1 ---
switchport trunk allowed vlan 10
switchport mode trunk
!
interface Vlan10
description --- NET_A ---
ip vrf forwarding BN_A
ip address 172.27.65.254
!
interface Vlan100
description --- VLAN Management ---
ip vrf forwarding omega
ip address 172.27.1.1 255.255.255.0
!
interface Vlan105
description --- VLAN Management to FW ---
ip vrf forwarding omega
ip address 172.105.1.2 255.255.255.0
!
ip route vrf BN_A 0.0.0.0 0.0.0.0 172.104.1.4
ip route vrf BN_A 172.28.2.0 255.255.255.0 172.27.65.2
ip route vrf omega 172.18.0.0 255.255.255.0 172.105.1.4
ip route vrf omega 172.20.0.0 255.255.255.0 172.105.1.4
ip route vrf omega 172.26.0.0 255.255.255.0 172.105.1.4
ip route vrf omega 172.27.65.0 255.255.255.0 172.105.1.4
ip route vrf omega 172.28.2.0 255.255.255.0 172.105.1.4

I hope you will help me.
Tell me if you need something else to study the case.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close