Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
394
Views
7
Helpful
7
Replies

Per Vlan Management IP@

badalam_nt
Level 1
Level 1

‎02-02-2009 06:48 AM - edited ‎03-06-2019 03:48 AM

For an L2 switch is it possible to define one IP@ for each vlan used on that switch ?

And best practice is to use one single IP@ for management of an L2 switch or one IP@ per vlan ?

Labels:
0 Helpful
7 Replies 7

Tshi M
Level 5
Level 5

‎02-02-2009 07:36 AM

A layer 2 switch will typically have one IP address for management.

Regards,

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to Tshi M

‎02-02-2009 07:45 AM

Hello,

a l2 switch can have only one management vlan.

I saw this on C2950 when you define a second SVI the first one is put in shudown.

if you enable the one disabled the second is shutted.

if the device is L3 capable but acts as a L2 switch it could have multiple SVIs but there is no need for this as Etienne noted

Hope to help

Giuseppe

0 Helpful

badalam_nt
Level 1
Level 1
In response to Giuseppe Larosa

‎02-02-2009 07:50 AM

And is it recommended to always use vlan 1 for defining management IP@ ? Or better a separate dedicated vlan, which is not used for any other traffic except for remote connection to the switch?

0 Helpful

Tshi M
Level 5
Level 5
In response to badalam_nt

‎02-02-2009 07:55 AM

I usually avoid to use VLAN1 and create a specific VLAN for management.

Regards,

0 Helpful

badalam_nt
Level 1
Level 1
In response to Tshi M

‎02-02-2009 07:45 AM

So to define one management IP@ per vlan is not recommended?

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to badalam_nt

‎02-02-2009 08:17 AM

Hello Badalam,

use only one different from Vlan 1 and different from vlans where end users connect.

The suggestion is that every campus should have a dedicated management vlan to reach all devices.

This is for telnet/ssh and snmp, syslog and so on.

using vlan1 is not recommended for security reasons.

Having a dedicated management vlan can help keep devices reachable while there are problems on user vlans

Hope to help

Giuseppe

glen.grant
VIP Alumni
VIP Alumni
In response to badalam_nt

‎02-02-2009 09:12 AM

Vlan1 is also used for control plane traffic such as cdp , vtp etcc so it is better not to run production traffic across vlan 1. It can be any other vlan.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card