1. Manuals
  2. Brands
  3. Dell Manuals
  4. Controller
  5. 3-DNS
  6. Administrator's manual

Setting Up Security For Vlans - Dell 3-DNS Administrator's Manual

Dell 3-dns administrator guide version 4.5
Hide thumbs
Table of Contents

Advertisement

Setting up security for VLANs

®
3-DNS
Administrator Guide
To configure tag-based access on an existing VLAN using the
Configuration utility
Configuring tag-based access on an existing VLAN means changing the
existing status of one or more member interfaces from untagged to tagged.
1. In the navigation pane, click Network.
The VLAN screen opens.
2. Click the VLAN name in the list.
The properties screen for that VLAN opens.
3. In the Resources box, move any untagged interfaces from the
Current Interfaces list to the Interface Number list.
4. Specify any tagged interfaces by selecting the appropriate interface
numbers from the Interface Number list and clicking tagged >>.
5. Click Done.
To create a VLAN that supports tag-based access from the
command line
1. Type the bigpipe vlan command, specifying a VLAN name, the tag
keyword, and a VLAN ID number. The following example creates
the VLAN external with a VLAN ID of 1209.
b vlan external tag 1209
2. Add the interfaces to the VLAN external as tagged interfaces. This
is done by specifying the VLAN name, the tagged keyword, and the
interfaces to be tagged. For example:
b vlan external interfaces add tagged 4.1 5.1 5.2
The effect of this command is to associate a tag with interfaces 4.1 and 5.1,
which in turn allows packets with that tag access to the external VLAN.
The above procedure adds multiple tagged interfaces to a single VLAN.
However, you can also add a single tagged interface to multiple VLANs.
This results in a single interface having more than one tag associated with it.
For example, the following commands add the tagged interface 4.1 to the
two VLANs external and internal:
b vlan external interfaces add tagged 4.1
b vlan internal interfaces add tagged 4.1
You can lock down a VLAN to prevent direct connection to the 3-DNS
Controller through that VLAN. You can override this lockdown for specific
services by enabling the corresponding global variable for that service. For
example:
b global open_ssh_port enable
Post-Setup Tasks
4 - 9

Advertisement

Table of Contents
loading

Related Manuals for Dell 3-DNS

Related Content for Dell 3-DNS

Table of Contents