Solved: Re: (int gig0/0) mgmt interface

M.Sultan · ‎01-19-2024

Hello Guys,

I had a Cisco 2960x switch placed between internet and my site and there was few more direct access to internet via this switch it was access via out of band management means (only console port) no ssh or telnet.

Now i got new Catalyst 9300 series switch and it has management interface predefined MGMT_VRF.

How would you manage this situation to configure that port for SSH (in band management to edge IT users to access it via SSH), to isolate the SSH traffic from the rest of internet traffic flowing from the switch ?

Thanks

balaji.bandi · ‎01-19-2024

in band management (you can also connect that port to access port on different LAN switch also works.

If you do not have separate Managing network to connect that mgmt port (then ignore it)

i would suggest to use your Management VLAN configured to access the switch ok - you can control using ACL to allow required imanagement IP to access switch using SSH (i suggest not to use Telnet here)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎01-19-2024

in band management (you can also connect that port to access port on different LAN switch also works.

If you do not have separate Managing network to connect that mgmt port (then ignore it)

i would suggest to use your Management VLAN configured to access the switch ok - you can control using ACL to allow required imanagement IP to access switch using SSH (i suggest not to use Telnet here)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help