× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

xs716T change management vlan id failed

neo998
Aspirant
Aspirant
‎2020-11-27 01:29 AM
‎2020-11-27 01:29 AM

xs716T change management vlan id failed

I got a xs716t switch its F/W version is 7.0.0.20

my final goal is to make this switch's management vlan id change from 1 to 1029(which had vlan routing configured for remote access).

 

somehow, after several tries the management vlan just can't be changed and the connection will lost.

I read this dicussion: https://community.netgear.com/t5/Managed-Switches/Howto-change-management-vlanid-on-gs724T/td-p/1307...

and tried to configure it the same way but failed eventually.

 

my workstation was connected to port 16 to access the xs716t's default ip 192.168.0.239.

can anyone clarify the correct steps to change the management vlan?

is it like this:

1. configure port 16 to vlan id 1029 with untagged

2. change the port pvid from 1 to 1029 on the port 16.

3. change management vlan id to 1029.

4. done.

 

the problem is  the connection lost when doing step 3...

so frustrating..

can anyone give me some hints please?

 

Model: XS716T|16-Port 10-Gigabit Copper Smart Managed Pro Switch with 2 Copper/SFP+ Combo Ports
Message 1 of 8
0 Kudos
Reply

Accepted Solutions
schumaku
Guru Guru
Guru
‎2020-12-02 02:11 AM
‎2020-12-02 02:11 AM

Re: xs716T change management vlan id failed

There are never to many questions.

 

It does not make to much sense isolating the management VLAN to a dedicated network, and in the next step right away put up almost non-controlled short cut inter-VLAN routing on the switch. The idea of having a management VLAN is that you have some security appliance with firewall rules and probably additional authentication, some dedicated VPN, ...  connecting to that management VLAN where in-band and out-of-band management ports, console servers, and so on where only people with physical access or strong authentication can gain access to. 

View solution in original post

Message 8 of 8
0 Kudos
Reply

All Replies
schumaku
Guru Guru
Guru
‎2020-11-27 04:37 AM
‎2020-11-27 04:37 AM

Re: xs716T change management vlan id failed

Use a different port. The moment you change the PVID to the new management VLAN on the port you are connected to the computer is fully associated to the VLAN 1029 while the management VLAN is still VLAN 1 ...

Not sure what your idea is ref. routing for remote access.
Message 2 of 8
0 Kudos
Reply
neo998
Aspirant
Aspirant
‎2020-11-30 12:32 AM
‎2020-11-30 12:32 AM

Re: xs716T change management vlan id failed

@schumakuthanks for the hint!!

 

regarding to the remote access,

i meant i want to make vlan 1029 (management vlan) routable to other vlans, and access this xs716's management IP via other networks.

e.g. from internet to vlan 1030's gateway IP(10.30.0.254) and route to vlan 1029's gateway IP (10.29.0.254)then reach the XS716T management IP.

 

however, it seemed that intergace ip can't be assigned to management vlan and it became 0.0.0.0/0 automatically.  I don't get it.

does anyone know how vlan routing was designed on this switch?

 

Message 3 of 8
0 Kudos
Reply
schumaku
Guru Guru
Guru
‎2020-11-30 01:32 AM
‎2020-11-30 01:32 AM

Re: xs716T change management vlan id failed

@neo998 wrote:

however, it seemed that intergace ip can't be assigned to management vlan and it became 0.0.0.0/0 automatically. 

Same place where you define the management VLAN, isn't it?

Message 4 of 8
0 Kudos
Reply
neo998
Aspirant
Aspirant
‎2020-11-30 07:42 PM
‎2020-11-30 07:42 PM

Re: xs716T change management vlan id failed

oops, just discovered that the management vlan is not routable...terribly sorry about raising this dumb question.Smiley Frustrated

 

alright, my final question is, how do i set configurations on xs716t to make the managemnt IP routable?(I would like to access xs716t remotely.)

or maybe it's not possible to do that??

 

thanks in advance! you helped so much!

 

Message 5 of 8
0 Kudos
Reply
schumaku
Guru Guru
Guru
‎2020-12-01 01:17 AM
‎2020-12-01 01:17 AM

Re: xs716T change management vlan id failed

@neo998 wrote:

oops, just discovered that the management vlan is not routable...

Any source or reference for this limitation?

 

@neo998 wrote:

alright, my final question is, how do i set configurations on xs716t to make the managemnt IP routable?(I would like to access xs716t remotely.)

or maybe it's not possible to do that??

Define "remotely".... Any system on the management VLAN and it's subnet can by default reach the switch management, do SNMP, ...

 

 

Message 6 of 8
0 Kudos
Reply
neo998
Aspirant
Aspirant
‎2020-12-02 01:59 AM
‎2020-12-02 01:59 AM

Re: xs716T change management vlan id failed

i saw this https://www.dell.com/community/Networking-General/Power-Connect-6224-VLAN-routing-and-management-VLA...

 

actually, I just want to access the management vlan via other vlans and that's why i need routing between management  vlan and others.

it's alright, let me try first. i think i had already asked too many questions.

Message 7 of 8
0 Kudos
Reply
schumaku
Guru Guru
Guru
‎2020-12-02 02:11 AM
‎2020-12-02 02:11 AM

Re: xs716T change management vlan id failed

There are never to many questions.

 

It does not make to much sense isolating the management VLAN to a dedicated network, and in the next step right away put up almost non-controlled short cut inter-VLAN routing on the switch. The idea of having a management VLAN is that you have some security appliance with firewall rules and probably additional authentication, some dedicated VPN, ...  connecting to that management VLAN where in-band and out-of-band management ports, console servers, and so on where only people with physical access or strong authentication can gain access to. 

Message 8 of 8
0 Kudos
Reply
Discussion stats
  • 7 replies
  • ‎2020-11-27 01:29 AM
  • 1950 views
  • 0 kudos
  • 2 in conversation
Announcements