NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Setup of management VLAN for M4300 series
I am trying to have WebGUI access of NetGear M4300-8X8F switches on a local computer which resides a few switch hops from the actual devices. What I have accomplished with Aruba managed switches is that I have VLAN 5 reserved for management purposes. I can access Aruba switches' management web interface only from a computer on local LAN which has connectivity to the network isolated as VLAN 5. I fail to setup NetGear switches to be part of the VLAN 5 for WebGUI access purposes.
I have a pair of NetGear M4300-8X8F switches. One of the NetGear switches is connected from NetGear's port 16, with copper CAT6, to first Aruba coreswitch (2920 series). Second NetGear switch is connected from it's port 16, with copper CAT6, to second Aruba 2920 series unit.
For a reson unknown to me following is found under NetGear's VLAN Status page
I take that any traffic of VLAN 5 going outside of the M4300 unit tries to make it's way through port 0/14/1. But the Aruba core switch(s) is connected to port 1/0/16. Even more puzzling is the first zero in the Routing Interface column value, Two of the NetGear switches are NOT stacked.
This is what I have in IPV4 Management VLAN Configuration window:
Gateway address is only accessable through port 1/0/16. I have no connection to the NetGear switches while trying to type 172.16.5.10 on a web browser on a computer which has access to VLAN 5 (from Aruba switch side).
Thank you for any tips how to proceed.
9 Replies
How are the many (!!!!) VLAN 5 member ports associated to all these many ports? Trunks == [T]agged
Unless I'm wrong, these switches automatically add routing for that subnet, the port shown there would make the routing default gateway. The routing interface is - as long as everything is on the same subnet and VLAN - not involved.
Everything very similar to the ArubaOS-Switch Management VLAN configuration btw. Once configured, the admin VLAN runs on a trunk with tagged ports.
NetGear ports 1/0/1 and 1/0/2 are in trunk mode, so VLAN 5 is included there while in practise not needed (main trunk connection to two servers, 10 Gbps each). NetGear port 1/0/16 also in trunk mode towars Aruba switch and VLAN 5 needed. Port 1/0/14 is VLAN 5 untagged for the server's management port whose main trunk connection is at port 1/0/1. Port 1/0/15 connects to datastore server's management port.
Would not need VLAN5 at ports 1/0/1 and 1/0/2, but have not figured out how to include several VLANs in a port without adding every possible VLAN in trunk mode.
A possible reason is the Auto-Trunk feature: How do I enable or disable Auto-Trunk mode on my Pro AV switch? .. disable it in case you seek full control over the trunks.
This is getting off-topic, as long as having VLAN 5 present at ports 1/0/1 and 1/0/2 does not affect the main issue. The main issue being I can not access management webgui of the NetGear from a computer connected to the Aruba switch.
Topoloy:
PC --> Aruba edgeswitch --> Aruba coreswitch --> NetGear switch
So, if I try to use NetGear webgui PING to the PC in address space 172.17.5.0/24, I get no reply. Also TRACEROUTE from NetGear to PC comes out totally blank.
Dr_Skepsis wrote:
So, if I try to use NetGear webgui PING to the PC in address space 172.17.5.0/24, I get no reply. Also TRACEROUTE from NetGear to PC comes out totally blank.
So definitively a problem with the VLAN configuration on what makes up the trunk on either side, especially if testing from the same network and the connected IP subnet, breaking the in-band management access.
At the risk I will hear again we are going off-topic, you could always use a direct connection to the Gigabit Ethernet service port out-of-band Ethernet management (OOB) port, or standard RS232-RJ45 and mini-USB ports for a local management console available alternatively - extremely helpful for troubleshooting.
Look, I'm just yet another community member here, not paid Netgear support and participating in the Netgear Community at my own cost and time. Don't hesitate to contact Netgear's https://www.netgear.com/av/services/proav-designsupport/. Good luck!
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
