
PBR as VRF Substitute on 7150

matt_236689
New Contributor III

Most of our switches are 7650/7550s and we've got management VRFs configured. Looking for some kind of workaround on some of our sites since VRFs aren't available on the 7150 L3 devices. Thinking PBR with an ACL restricting to that subnet. Has anyone here done this? Am I missing something?


jdryan
Moderator

Hi Matt, 

With respect to the query raised: in the current setup, with the 7650s and 7550s, there is a management VRF in place for the MGMT traffic to traverse, and something similar is needed for the 7150s.

If the 7150s are being deployed with the switch image, you could use management-vlan to set up the management VLAN and use the OOBM interface for management purposes.
management-vlan (click on the link) 

If on router code, you could have a VLAN dedicated to management, with access restricted via ACL to that subnet.

Or, better yet, you could use ssh access-group to restrict access to the device's CLI via the network by defining the allowed IPs in a standard ACL. The same can also be done for SNMP, where access to the switch can be restricted via a standard ACL.

ssh access-group 
SNMP config statement 

This way the traffic won't be affected, and only allowed devices will be able to access the device.

 

Do let us know if the details help. 

 

Thanks !!
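
The following is an added example, not part of the reply above and not vendor code: a small audit that reads a saved configuration and reports management services (SSH, SNMP) that are not bound to a restrictive standard ACL, as the reply recommends. The sample configuration is constructed, and the command forms it uses (`access-list <id> permit|deny ...`, `ssh access-group <id>`, `snmp-server community <string> ro|rw [<id>]`) are assumptions to confirm against the platform's command reference.

```python
# Constructed sample config (not from the thread). Command forms are an
# assumption; community strings are placeholders.
SAMPLE = """\
access-list 10 permit 10.20.30.0 0.0.0.255
access-list 10 deny any
access-list 20 permit any
ssh access-group 10
snmp-server community PLACEHOLDER1 ro 20
snmp-server community PLACEHOLDER2 rw
"""


def audit(config):
    """Return findings for SSH/SNMP access not limited by a standard ACL."""
    acls = {}      # ACL id -> list of (action, remaining tokens)
    ssh_acl = None # ACL id bound to SSH, if any
    snmp = []      # (config line number, ACL id or None) per community
    findings = []

    for n, line in enumerate(config.splitlines(), 1):
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "access-list" and tok[2] in ("permit", "deny"):
            acls.setdefault(tok[1], []).append((tok[2], tok[3:]))
        elif tok[:2] == ["ssh", "access-group"] and len(tok) == 3:
            ssh_acl = tok[2]
        elif tok[:2] == ["snmp-server", "community"] and len(tok) >= 4:
            snmp.append((n, tok[4] if len(tok) > 4 else None))

    def check(service, acl_id):
        if acl_id is None:
            findings.append(f"{service}: no ACL applied")
        elif acl_id not in acls:
            findings.append(f"{service}: ACL {acl_id} is not defined")
        elif any(act == "permit" and rest[0] == "any" for act, rest in acls[acl_id]):
            # An allow-list should name management sources, not permit everything.
            findings.append(f"{service}: ACL {acl_id} permits any source")

    check("ssh", ssh_acl)
    for n, acl_id in snmp:
        check(f"snmp community (line {n})", acl_id)
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```
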