Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1461
Views
0
Helpful
1
Replies

switch management vlan and port ?

Go to solution
fran19422
Level 1
Level 1

‎08-12-2012 02:32 PM - edited ‎03-07-2019 08:18 AM

Hello, I was wondering what standard procedure was with regards to switch management VLANs.

i.e. I have created an out-of-band vlan on a series of switches for the purpose of management.

I have spare interfaces on these switches. Do I go ahead now and assign ports to the management VLAN, or is it better practice to wait until you actually need to manage the switch and then assign a port to the management VLAN at that time ? Perhaps this is a better for security purposes ?

Is either way standard practice, or does it not really matter ?

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎08-12-2012 03:17 PM

Hi,

There is no standard practice.  There are 2 ways to manage your devices, in band or out of band.

for in band, you create a vlan that has no physical port assign to it. You create an SVI for this vlan on each switch, give it an IP address and add the vlan to the trunk.

for out of band, you create a vlan and assign a physical port to it.  You give an IP address to that physical port and connect the physical port to a management switch.  Than connect the management switch to the rest of you network with proper routing configured.  Best practice is to configure your management network before you configure the rest of the network.  This way you can simply SSH or Telnet to the devices and not console.

HTH

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Reza Sharifi
Hall of Fame
Hall of Fame

‎08-12-2012 03:17 PM

Hi,

There is no standard practice.  There are 2 ways to manage your devices, in band or out of band.

for in band, you create a vlan that has no physical port assign to it. You create an SVI for this vlan on each switch, give it an IP address and add the vlan to the trunk.

for out of band, you create a vlan and assign a physical port to it.  You give an IP address to that physical port and connect the physical port to a management switch.  Than connect the management switch to the rest of you network with proper routing configured.  Best practice is to configure your management network before you configure the rest of the network.  This way you can simply SSH or Telnet to the devices and not console.

HTH

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card