Hi Tiaan, dankie ek waardeer die ondersteuning! Ek het tans nie enige labs wat ek uit deel nie, ek wil graag my labs aan members gee wat my "join" op KZbin, maar daai is nog 'n work in progress.

Management is always a bit of effort depending on network sizes and services that are delivered, especially once you get into things like MPLS and different VRFs. There is always something that you can do to try and make your management easier. Like in this video I created mangle rules from my management network to get to the different VRF just for monitoring. So it should be doable to add the same type of rules for your VPN ranges that connect to one of your routers. Alterative is to be able to VPN into just the one router and connect onto it via ROMON and use its overlay network to manage all your devices. Though maybe I can spend some time on the next stream to see how we can make management for the routers easier :)

​ @The Network Berg that would be useful

Not sure why I can't see your comment about the OSPF you are using for the management routers. Something weird with KZbin. This is actually pretty standard in the ISP world as well. You can basically send all their routes via OSPF to a dedicated "Management" router. This Management router can allow you to remotely manage all the CPE or customer networks that you want to. You can also redistribute your management networks back into the customer VRFs using OSPF. So yeah, I would say it is best practice to do this :)

@@TheNetworkBerg let say R2 is VPN server. I can't reach the client which have VRF-Local ip add assign such as CPE-Wireless. in your next video can you show us what would be the solution ?