Monday, July 9, 2018

Juniper SRX as MPLS VRF Firewall and Not As PE

Hey Reddit. I'm hoping someone out there has done something like this. I work for a growing WISP and I want to separate the management traffic for our infrastructure into a separate VRF, terminated at an SRX in our data center. I'm tired of managing firewalls on every router so I thought this would be a clean solution.

I found this[1] article on Juniper's website, but it seemed somewhat clunky and I didn't know if there was a cleaner way using features newer than Junos 11.4. Also, it seems more geared towards allowing the CE router's traffic to shortcut into the main router-instance and not really letting the rest of the VRF cut in.

Any pointers to articles or config examples are appreciated, as well as advice that my design is crap and pointers to better ways.

Many Thanks.

[1] https://www.juniper.net/documentation/en_US/junos12.1x47/topics/example/security-selective-packet-services-configuring.html


