Cross VRF connectivity via ASA firewall

Hi @ReneMolenaar @lagapidis,

Could you please share an example of cross-VRF communication via a Cisco ASA firewall that has been separated into multi-context mode, including a topology diagram and a configuration example?

Appreciate your response on this.

What has your own reading and labbing yielded? I assume it isn’t working?

Hello Indika

Thanks for your post and your suggestion. Although we can’t immediately create a lab topology with detailed configs, you can go into the Lesson Ideas page below and make your detailed suggestions there. You may find that others have made similar suggestions and you can add your voice to theirs:

In the meantime, I can share with you some thoughts concerning your scenario that may help you along the way to deploy the topology that you are envisioning.

Cross-VRF communication through a Cisco ASA in multi-context mode requires an external Layer 3 device (typically your core switch or upstream router) to perform the inter-VRF routing, while the ASA provides security policy enforcement. ASA contexts cannot directly communicate with each other. They are completely isolated virtual firewalls with separate routing tables.

If you share a little bit more about what you want to achieve and the reasons for it, we may be able to provide you with some more info in this direction.

I hope this has been helpful!

Laz
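The design described in the reply above, written out as an added example configuration that is not part of the thread or from the forum's authors: two ASA contexts each guard one VRF, and a third VRF on the Nexus routes between the contexts' outside interfaces. It assumes a single Nexus hosting VRF-A, VRF-B and a hypothetical transit VRF named FUSION, with `feature interface-vlan` enabled and the transit VLANs created; contexts CTX-A and CTX-B are assumed to exist already with the subinterfaces allocated to them. Every name, address and the TCP/443 rule is constructed for illustration.

```cisco
! === Nexus (NX-OS): FUSION is the only place the two contexts meet ===
vrf context VRF-A
  ip route 10.2.0.0/24 10.255.1.2
vrf context VRF-B
  ip route 10.1.0.0/24 10.255.2.2
vrf context FUSION
  ip route 10.1.0.0/24 10.255.11.2
  ip route 10.2.0.0/24 10.255.12.2
interface Vlan110
  vrf member VRF-A
  ip address 10.255.1.1/30
  no shutdown
interface Vlan120
  vrf member VRF-B
  ip address 10.255.2.1/30
  no shutdown
interface Vlan111
  vrf member FUSION
  ip address 10.255.11.1/30
  no shutdown
interface Vlan112
  vrf member FUSION
  ip address 10.255.12.1/30
  no shutdown
! === ASA context CTX-A: users in 10.1.0.0/24 sit behind "inside" ===
interface GigabitEthernet0/0.110
 nameif inside
 security-level 100
 ip address 10.255.1.2 255.255.255.252
interface GigabitEthernet0/0.111
 nameif outside
 security-level 0
 ip address 10.255.11.2 255.255.255.252
route inside 10.1.0.0 255.255.255.0 10.255.1.1
route outside 10.2.0.0 255.255.255.0 10.255.11.1
access-list INSIDE_IN extended permit tcp 10.1.0.0 255.255.255.0 host 10.2.0.10 eq 443
access-group INSIDE_IN in interface inside
! === ASA context CTX-B: servers in 10.2.0.0/24 sit behind "inside" ===
interface GigabitEthernet0/0.120
 nameif inside
 security-level 100
 ip address 10.255.2.2 255.255.255.252
interface GigabitEthernet0/0.112
 nameif outside
 security-level 0
 ip address 10.255.12.2 255.255.255.252
route inside 10.2.0.0 255.255.255.0 10.255.2.1
route outside 10.1.0.0 255.255.255.0 10.255.12.1
access-list OUTSIDE_IN extended permit tcp 10.1.0.0 255.255.255.0 host 10.2.0.10 eq 443
access-group OUTSIDE_IN in interface outside
```

A flow from a VRF-A user to 10.2.0.10 is inspected twice, once per context, and each context needs its own permit: CTX-A on the inside interface, CTX-B on the outside interface because the traffic arrives from the lower security level.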

Hi @lagapidis,

Thanks for your message and details below.

The current setup is that we have Nexus switches upstream connecting to an ASA multi-context firewall, which connects to another Nexus switch, which in turn connects to a server.

NEXUS(L3) --> ASA MULTI-CONTEXT --> NEXUS --> SERVER

The Nexus is configured with VRFs, and I want to understand how connectivity works for a VRF-A user accessing a VRF-B server.

Appreciate your advice on this.