how to create management vlan with web access to all switches

  • 0
  • 1
  • Question
  • Updated 2 years ago
  • Answered
  • (Edited)
I have 3 switches one X460 and two X440 with are conected with fiber
X460<---->X440<---->X440

...and i want use Mgmt vlan as i use my other vlan so i dont need to go to every switch and connect to managment port  every time i want to make changes:)

So i made:

(24 is a fiber port)
config vlan1 add port 24 tagged
config vlan2 add port 24 tagged

but when i try to (i want to connect Mgmt vlan betwen switches)
config Mgmt add port 24 tagged 
i get error that i cant change Mgmt vlan... 

when i create another vlan for example:
config vlan manage2 ipaddress 172.16.1.1 255.255.255.0

I can't acces web config.. even if enable web http (its working only for native Mgmt vlan)
also I can't ping 172.16.1.1

How to create management Vlan so i can acces every switch web configuration?
Photo of Piotr Jakubczyk

Piotr Jakubczyk

  • 234 Points 100 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Piotr,

Mgmt vlan is dedicated to the mgmt port and that can't be changed.

Regarding the management vlan for web access you can simply create a vlan, add an IP to each device and add the necessary ports to it (uplink ports, etc).

After that just enable http globally using enable web http.
Photo of Drew C.

Drew C., Community Manager

  • 37,350 Points 20k badge 2x thumb
Hi Piotr - Welcome to The Hub!
Take a look at this thread for some additional insight on ways to use the mgmt port.
https://community.extremenetworks.com/extreme/topics/recommendation-for-configuration-of-management-...
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Piotr, 

Here is an example/scenario:

X460 (port 10) <--> (port 11) X440-1 (port 12) <--> (port 13) X440-2 (port 14) <--> Management Station 

X460 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 10 tagged
config vlan manager2 ipaddress 192.168.100.101/24
enable web http

X440-1 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 11,12 tagged
config vlan manager2 ipaddress 192.168.100.102/24
enable web http

X440-2 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 13 tagged
config vlan manager2 add port 14 untagged (untagged to connect the Management Station)
config vlan manager2 ipaddress 192.168.100.103/24
enable web http

Let's say your Management Station uses the IP 192.168.100.150/24. With the above config you will be able to access any of the 3 switches through web/http on the same vlan (without routing).

However, if the Management Station is connected in a different vlan/network, then you will have to:
  1. enable ipforwarding (to both manager2 and Management Station vlans)
  2. Add the vlans to a routing protocol (if used) or create static routes
Photo of Piotr Jakubczyk

Piotr Jakubczyk

  • 234 Points 100 badge 2x thumb
Thanx for reply. I created vlan manager2, i taged it but stil i cant acces web configuration. I think it may bemproblem with virtual router. How to change Vlan virtual router?
Bud_1-X460.6 # show vlan---------------------------------------------------------------------------------------
Name            VID  Protocol Addr        Flags                Proto  Ports  Virtual
                                                                      Active router
                                                                      /Total
---------------------------------------------------------------------------------------
Default         1    172.16.98.1    /24  ------------------------- ANY    0 /0   VR-Default
manager2        123  192.168.1.1    /24  ------------------------- ANY    1 /2   VR-Default
(Edited)
Photo of Jeremy

Jeremy, Embassador

  • 9,788 Points 5k badge 2x thumb
Quick question, why do you want to use the web management interface? 
Photo of Piotr Jakubczyk

Piotr Jakubczyk

  • 234 Points 100 badge 2x thumb
Im not so familiar with configuring switches using terminal. But i know what i want and what to search. With graphic GUI it is faster to get what i want without knowing all commands and how to use them. 
Photo of Piotr Jakubczyk

Piotr Jakubczyk

  • 234 Points 100 badge 2x thumb
esentialy i endup with something like this (using one pathcord to connect Managment port with port 22..but disgust remains that i cant do this software only way)
 and created VLAN called management
Photo of Drew C.

Drew C., Community Manager

  • 37,308 Points 20k badge 2x thumb
A connection like that isn't recommended - you'll see strange issues.
This is further described in this thread:  https://community.extremenetworks.com/extreme/topics/how-to-connect-the-management-port-to-the-netwo...