× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

Access management VLAN from other VLANs

pertronic
Aspirant
Aspirant
‎2012-04-03 07:21 PM
‎2012-04-03 07:21 PM

Access management VLAN from other VLANs

We will soon replace our switches with managed switches from Netgear (a couple of GS724T and one GSM7224).

I've been successfully testing a multiple VLAN config with the GSM7224 handling the inter-VLAN routing.

We're planning on separating our network into 4 VLANs:

VLAN 10 = Servers and PCs/laptops (192.168.0.x/24)
VLAN 20 = IP Phones and IP PBX (192.168.2.0/24)
VLAN 30 = IP serveillance cameras (192.168.3.0/24)
VLAN 40 = Wifi (192.168.4.0/24)

Every subnet can reach the others using inter-VLAN routing.

We're leaving the management VLAN number 1 untouched.

My question is how will I be able to manage these switches (ie get access to the web gui) from my PC which will be part of VLAN 10?

I know that for security reason the GSM7224 will not let me route traffic for VLAN 1.
So how do I do this?

Thanks for your help!

Message 1 of 4
Labels:
0 Kudos
Reply
ebelotto
Novice
Novice
‎2012-07-14 07:18 PM
‎2012-07-14 07:18 PM

Re: Access management VLAN from other VLANs

We are using almost the same in ower company.
When you use VLAN routing, choose one switch to be the core switch layer 3 (router) e the others just layer 2. If you don´t aply any ACL to them, you´ll be able to access the management interface in every switch on the ip address that you configured on the switches. We configured 1 VLAN layer 3 to be the management VLAN e use OSPF for distribue the statics routes. In that VLAN, all the switches have one IP address and we access the interface with this IP. This VLAN isn´t the VLAN 1. It works fine.
Message 2 of 4
0 Kudos
Reply
Nariman
Aspirant
Aspirant
‎2012-08-01 06:06 AM
‎2012-08-01 06:06 AM

Re: Access management VLAN from other VLANs

Why don't you create another VLAN, call it 'Management VLAN' and then put all the switches and ... to be managaed,part of this VLAN.

This way, then you can completely remove VLAN1 and use the other VLAN as management.
Message 3 of 4
0 Kudos
Reply
Nariman
Aspirant
Aspirant
‎2012-08-01 06:07 AM
‎2012-08-01 06:07 AM

Re: Access management VLAN from other VLANs

By setting up using a dedicated management VLAN, then you can also setup ACLs so that not everyone can then access the switch and change swettings on it. Better in terms of security side of things.
Message 4 of 4
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 3 replies
  • ‎2012-04-03 07:21 PM
  • 18319 views
  • 0 kudos
  • 3 in conversation
Announcements