Does anyone know, how to set the management interface on a SG300 Switch in Layer 3 mode? I've some vlans configured on the switch with interfaces in each of them:
Vlan 100 (10.0.1.254 /24)
Vlan 200 (10.0.2.254 /24)
Vlan 300 (10.0.3.254 /24)
Vlan 900 (10.0.9.254 /24)
Now, the management interface is listening on all interfaces (IPs). But I would like to configure the switch to only listen on 10.0.9.254. Does anyone know, what I need to configure or whether it is possible? Thanks for your help.
What you can do is create a management access policy and disable access to the web ui (or all telnet/ssh access for that matter) on the vlans you don't want to have access.
Log into the web ui, on the left hand side, click on Security, then Mgmt Access Method. First, add a profile, give it a name, and select management method all, priority 20, action permit, all interfaces. (You want to allow all, then deny some).
Second, on the left menu, choose profile rules. A rule should have been created for you with the access profile name you just created. Then create a rule to deny the vlan you want to prohibit access. Click add, give the rule a higher priority than the allow rule (I used 10), choose the mgmt methods you're seeking to prohibit (HTTP for web ui, or all...), action deny, then choose user defined for the interface, then the vlan you don't want to have access.
Then you must go back to the access profiles page from the left menu, and select the profile you just created as the active access profile and hit apply.
I guess you could do it in the reverse order, deny all, then give your management vlan permission to the web ui, thats your call.
thanks for your answer and sorry for my late reply. What you described is the workaround, which I currently have in place. This works fine. However, it would be nice, if I could configure the interfaces on which the management interface listens. But I guess that this is not possible...
Hi every one!!!When you are configuring a remote VPN connection, there
are some steps that are lost on the path. Here you can see those steps.
A) In your Cisco device: 1. Ensure you don´t have any rule denying the
traffic between the device and the remote...
You have a Cisco Unified Communications Manager (CUCM) system and want
to configure a SPA112 analog telephone adaptor (ATA) to register to the
CUCM so that you can use up to two analog phones or similar FXS devices
with the CUCM.In this application note, ...
Introduction: This document describes how to connect SG300 with Catalyst
switch via STP. Spanning Tree Protocol (STP) is a Layer 2 protocol that
runs on mainly on switches. The specification for STP is IEEE 802.1D.
The main purpose of STP is to ensure tha...