NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

neo998's avatar
neo998
Aspirant
Nov 27, 2020
Solved

xs716T change management vlan id failed

I got a xs716t switch its F/W version is 7.0.0.20

my final goal is to make this switch's management vlan id change from 1 to 1029(which had vlan routing configured for remote access).

 

somehow, after several tries the management vlan just can't be changed and the connection will lost.

I read this dicussion: https://community.netgear.com/t5/Managed-Switches/Howto-change-management-vlanid-on-gs724T/td-p/1307785

and tried to configure it the same way but failed eventually.

 

my workstation was connected to port 16 to access the xs716t's default ip 192.168.0.239.

can anyone clarify the correct steps to change the management vlan?

is it like this:

1. configure port 16 to vlan id 1029 with untagged

2. change the port pvid from 1 to 1029 on the port 16.

3. change management vlan id to 1029.

4. done.

 

the problem is  the connection lost when doing step 3...

so frustrating..

can anyone give me some hints please?

 

  • schumaku's avatar
    schumaku
    Dec 02, 2020

    There are never to many questions.

     

    It does not make to much sense isolating the management VLAN to a dedicated network, and in the next step right away put up almost non-controlled short cut inter-VLAN routing on the switch. The idea of having a management VLAN is that you have some security appliance with firewall rules and probably additional authentication, some dedicated VPN, ...  connecting to that management VLAN where in-band and out-of-band management ports, console servers, and so on where only people with physical access or strong authentication can gain access to. 

7 Replies

  • schumaku's avatar
    schumaku
    Guru - Experienced User
    Nov 27, 2020
    Use a different port. The moment you change the PVID to the new management VLAN on the port you are connected to the computer is fully associated to the VLAN 1029 while the management VLAN is still VLAN 1 ...

    Not sure what your idea is ref. routing for remote access.
    • neo998's avatar
      neo998
      Aspirant
      Nov 30, 2020

      schumakuthanks for the hint!!

       

      regarding to the remote access,

      i meant i want to make vlan 1029 (management vlan) routable to other vlans, and access this xs716's management IP via other networks.

      e.g. from internet to vlan 1030's gateway IP(10.30.0.254) and route to vlan 1029's gateway IP (10.29.0.254)then reach the XS716T management IP.

       

      however, it seemed that intergace ip can't be assigned to management vlan and it became 0.0.0.0/0 automatically.  I don't get it.

      does anyone know how vlan routing was designed on this switch?

       

      • schumaku's avatar
        schumaku
        Guru - Experienced User
        Nov 30, 2020
        neo998 wrote:

        however, it seemed that intergace ip can't be assigned to management vlan and it became 0.0.0.0/0 automatically. 

        Same place where you define the management VLAN, isn't it?

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More