Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1610
Views
0
Helpful
7
Replies

do we need a interface withing the management vlan for it to work ?

ilies-bekhtaoui13
Level 1
Level 1

‎07-08-2017 06:11 PM - edited ‎03-08-2019 11:15 AM

hello guys everything is in the title ,i got confused from some videos saying that we have to put a interface in the management vlan and some saying that just adding a no shut in the svi is enough ..................... what's the truth ? and how to use the management vlan in the lan and remotely ?

THANKS

Labels:
0 Helpful
7 Replies 7

Julio E. Moisa
VIP Alumni
VIP Alumni

‎07-08-2017 06:30 PM

Hi

An SVI will work just if the vlan is created and if it is associated to an access port or on trunk interface, usually the vlan associated to the SVI pass through the trunk interface connected to the distribution or core switch. 

Your configuration should be:

Example:

vlan 100
name MANAGEMENT

interface vlan 100
name MANAGEMENT
ip address 192.168.100.10 255.255.255.0
no shutdown

ip default-gateway 192.168.100.1 <--- the default gateway of the network associated to the vlan 10, it is usually created on the distribution or core switch or router. Also this command line will allow you to reach the device remotely through the management SVI.

interface g1/1/1
description TO-DISTRIBUTION-SW
switchport mode trunk
no shutdown

*As Im not filtering vlans under the trunk interface, all the vlans are passing through by default, you can see that executing: show interface trunk.

Hope it is useful

:-)




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

ilies-bekhtaoui13
Level 1
Level 1
In response to Julio E. Moisa

‎07-09-2017 09:14 AM

thanks

but i don't get it you didn't associate any interface to the management vlan in your example , why ?

i understand for the trunk connection it's quite obvious that without it traffic will not pass , but still you said associate a trunk port ! a trunk port is part o the native vlan how can i associate it with a management vlan then ? , or do you mean something else by "associate" ?

i still don't understand if i should add a interface to the svi or not and why ?

thanks for your time

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to ilies-bekhtaoui13

‎07-09-2017 09:17 AM

Yes you should create an SVI for the management vlan so you can connect remotely to the switch.

You don't  assign a port to that vlan, you use a trunk link and the management vlan is allowed on that link.

Jon

0 Helpful

ilies-bekhtaoui13
Level 1
Level 1
In response to Jon Marshall

‎07-10-2017 05:51 PM

what if i assign a interface to that management vlan , does it means that the management vlan will only be accessible on that link ?

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to ilies-bekhtaoui13

‎07-10-2017 06:05 PM

Hi

Nop, usually in order to activate a interface vlan, the vlan must be created and it must be associated to an access port or pass the vlan under a trunk, in this case for the management interface vlan you only need to pass the vlan under the trunk. 

The management vlan must not be associated or configured under any access port for security purposes. 

The idea with the management vlan is be able to manage the switches remotely using telnet or SSH.




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful

ilies-bekhtaoui13
Level 1
Level 1
In response to Julio E. Moisa

‎07-10-2017 07:09 PM

what do you mean by associate with a trunk or a access ports ? what i mean to do is

interface vlan 88

ip address 192.168.88.1 255.255.255.0

no shut

here the vlan is activated in all ports and the switch configured from each pc

interface fast 0/1

switchport access vlan 88

does the vlan work only from the interface 0/1 ?

now this switch can only be telneted by a pc connected with the interface fast 0/1

is this correct and if not what should happen ?

0 Helpful

Julio E. Moisa
VIP Alumni
VIP Alumni
In response to ilies-bekhtaoui13

‎07-10-2017 07:25 PM

Hi 

For example, if you create the vlan 88 and the interface vlan 88 as well but if it is not associated an interface example fa0/1 or passing through over a trunk interface, the interface vlan (SVI) will be displayed as up down through show ip interface brief.

But it is not the case with the management vlan, because a good practice is not associate the management vlan to any interface working as access mode.

For example your configuration for the management vlan should be:

Access  switch

vlan 88
name MANAGEMENT

interface vlan 88
description MANAGEMENT
192.168.88.10 255.255.255.0
no shutdown

ip default-gateway 192.168.88.1

interface fa1/48
switchport mode trunk 
no shutdown

*By default all the vlans are passing through the trunk interfaces unless you are filtering them.




>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<
0 Helpful
Customers Also Viewed These Support Documents