Table of Contents
Advertisement
7.3.7
Creating a Secure Management VLAN
If the Matrix E1 is to be configured for multiple VLANs, it may be desirable to configure a
management-only VLAN. This allows a station connected to the management VLAN to manage
all ports on the device. It also makes management secure by preventing configuration via ports
assigned to other VLANs.
To create a secure management VLAN, you must:
1. Create and name a new VLAN.
2. Set the new VLAN as the host VLAN.
3. Set a private community name and access policy.
The commands needed to create a secure management VLAN are listed in
in the associated section as shown.
.
NOTES: By default at device startup, there is one VLAN configured on the Matrix E1. It
is vlan-id 1, the default VLAN. The default community name, which determines remote
access for SNMP management, is set to "public" with Read-Write access.
Table 7-4 Command Set for Creating a Secure Management VLAN
To do this...
Create and name a new VLAN and
confirm settings.
Set the new VLAN as the host VLAN,
confirm settings, and add user ports.
Set a private community name and access
policy and confirm settings.
NOTE: This process would be repeated on every device that is connected in the
network to ensure that each device has a secure management VLAN. When configuring
multiple devices, vlan-names can be different, but the management vlan-id number
must be the same on each device. This is because the management vlan-id is included
in each packet.
(Section
7.3.2)
(Section
7.3.6)
Use these commands...
set vlan
set vlan name
(Optional) show vlan
set port vlan host
(Optional) show host vlan
set community
(Optional) show community
Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide
VLAN Configuration Command Set
Creating a Secure Management VLAN
(Section
5.2.2.8).
(Section
7.3.2.1)
(Section
7.3.2.2)
(Section
(Section
7.3.6.2)
(Section
(Section
5.2.2.8)
Table 7-4
and described
7.3.1.1)
7.3.6.1)
(Section
5.2.2.7)
7-41
Advertisement
Table of Contents
