Solved: Re: Management port in Cisco Switches (are they really physical port) - Page 2

SJ K · ‎04-11-2015

Hi all,

I have been taught to console into my cisco switch for configurations through console cable + putty (serial terminal).

Then I have been taught to configure a management ip and gateway on the cisco switch.

Switch# conf t
Switch(config)# interface vlan 1
Switch(config-if)# ip address 192.168.1.11 255.255.255.0
Switch(config-if)# no shut
Switch(config-if)# exit
Switch(config)# ip default-gateway 192.168.1.1

All the while, i thought this is the way to remote in to the switch via putty/telnet through the network to configure the switch, until i saw the picture below (cisco catalyst 2960)

=======================================

There is a physical port call ethernet management port. What is it ? What is the difference between this port and the earlier example of setting a management ip in VLAN 1 ?

If i set an IP on this particular interface and I ssh in, will i see the same screen/display/console from the earlier example in which i set a management ip in VLAN1 and I ssh in ?

Regards,
Noob

Leo Laohoo · ‎04-20-2015

q1) The Router just below the cloud can be use for advertising , am i right ?

That's correct.

q2) Also, as mentioned by you previously, terminal A (.5.1) will still have to login into the router to connect to the management port (as there is no gateway setting on the management port for it) - does it still applies ?

In the most simplest method, yes.

I've seen someone who's got a server that acts as a terminal server. The reason being is because they added some security into this kind of network that disables any way for anyone to log into the router from the internet. So a method is to remote into (from the internet) a server and from there, you jump to your destination. Nothing special.

SJ K · ‎04-21-2015

Duly noted Leo.

Thanks a million.

Leo Laohoo · ‎04-21-2015

Glad to be of some form of assistance.

Thanks for taking the time to rate our posts. :)

SJ K · ‎04-21-2015

Hi Leo,

No problem. What that compare to having having you gurus assistance.

Hey Leo, if you dont mind, i ask some silly questions @

https://supportforums.cisco.com/discussion/12483956/dce-dte-clock-rate-and-bandwidth-office-and-dc-implementation-confused

Hope you can take alook if you are free.

Thanks.

Regards,
Noob

Leo Laohoo · ‎04-22-2015

:)

ianarakel23 · ‎03-14-2016

Hi Leo,

Kindly confirm the below:

i)
Is the AUX and Management port used for the same purpose?

ii)
In the diagram can terminal A server connect to the management port of the switch i.e. 192.168.0.1 via putty.
The reason this is being asked is because since the Terminal server A is in 192.168.5.1 subnet and suppose it receives an advertisement for path to reach 192.168.0.x subnet, the point out here remains that the management port does not have a default gateway so what about any acknowledgement path for the return traffic for TCP traffic.

iii)
In case the WAN link fails, kindly confirm on the way we could reach the switch via the management port.

In our environment, we use an OoB server to verify the power status of device in a remote location by dialling into the same in case the primary connectivity via the WAN fails.

Need to understand in that case the configuration or the physical connectivity of the OoB server would be via the AUX or the management port?

RandyPrice · ‎01-25-2019

Leo, can't you use SSH to access a 3560X via the management port (FastEthernet0)?

I have configured the management port, on a seperate subnet that will connect to fa0 on multiple 3560X's, enabled SSH, and added a user. I can SSH on any of the VLAN connections into the 3560X without any problems, but when I SSH into fa0, on the separate subnet, I receive the prompt asking for the password of the user, yet it always fails to authenticate:

username@192.168.0.231's password: xxxxxxxx (The x's aren't actually seen)
Permission denied, please try again.
username@192.168.0.231's password: xxxxxxxx
Permission denied, please try again.
username@192.168.0.231's password: xxxxxxxx
Authentication failed.

I'm assuming that I have either misconfigured the management port or my line terminals (vty).

My current config includes:

!
interface FastEthernet0
ip address 192.168.0.231 255.255.255.0
no ip route-cache
no ip mroute-cache
!

and

!
line con 0
login local
line vty 0 4
login
transport input ssh
transport output ssh
line vty 5 15
login
transport input ssh
transport output ssh
!

Any help would be greatly appreciated.

21T · ‎04-13-2023

Hi All,

I have one question which I think it's related to this topic.

Is it possible to use a management port as a data port?

We have ordered Sup Engine 9600X SUP-2 which has 2x 10G SFP+ management port. Is it possible to use this port as a data port to connect to downstream and upstream devices?

Joseph W. Doherty · ‎04-13-2023

Depends on the device.

If it works, at all, likely you'll find it may be feature limited and/or performance "challenged".

21T · ‎04-15-2023

Thanks Joseph,

I was looking to a datasheet and I found out that either of the two ports work as a data port not both, but not recommended as you said since the performance would be affected.

N.B, the management port network will be in different routing table /vrf that will not communicate with the main routing table.

Joseph W. Doherty · ‎04-15-2023

Yeah, Cisco has been placing management port in its own VRF for sometime now but I recall (?) it might be changeable.