This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
I'm testing a stack of M5300-G3 switches with the 11.x firmware and just cannot get the managment VLAN figured out. It seems that whatever I do the managment VLAN becomes a routing VLAN - which I don't want. What I do have is:
a number of other VLANs, both IPv4 and IPV6, all happily routing and switching
DNS, DHCP etc all happy.
Alternate CISCO ASA manages the routing between the normal user subnets and my secure management VLAN
I had this configuration working on firmware 10.x but can't seem to find the magic commands to set an IP address of the device without also setting the management VLAN to a routing VLAN.
I regret to inform you that the method in the v10.x firmware of having a non-routable management VLAN is no longer available in the v11.x firmware. With regard to this, it would be best to implement Access Control Lists or ACLs to restrict unwanted traffic to/from the management VLAN using the v11.x firmware.
I regret to inform you that the method in the v10.x firmware of having a non-routable management VLAN is no longer available in the v11.x firmware. With regard to this, it would be best to implement Access Control Lists or ACLs to restrict unwanted traffic to/from the management VLAN using the v11.x firmware.
No need to apologise - firmware series changes are a chance for vendors to implement changes. Its just this was not clear from my reading of the V11 documentation.
Is the management VLAN then a full routing VLAN the same as any other VLAN?
If I adjust the routing and ACLs across my network I can use the M5300, with ACLs, as the gateway to my other devices on the secure VLAN?
