Header Only - DO NOT REMOVE - Extreme Networks

how to create management vlan with web access to all switches


I have 3 switches one X460 and two X440 with are conected with fiber
X460<---->X440<---->X440

...and i want use Mgmt vlan as i use my other vlan so i dont need to go to every switch and connect to managment port every time i want to make changes:)

So i made:

(24 is a fiber port)

config vlan1 add port 24 tagged
config vlan2 add port 24 tagged


but when i try to (i want to connect Mgmt vlan betwen switches)

config Mgmt add port 24 tagged

i get error that i cant change Mgmt vlan...

when i create another vlan for example:

config vlan manage2 ipaddress 172.16.1.1 255.255.255.0


I can't acces web config.. even if enable web http (its working only for native Mgmt vlan)
also I can't ping 172.16.1.1

How to create management Vlan so i can acces every switch web configuration?

8 replies

Userlevel 6
Hi Piotr,

Mgmt vlan is dedicated to the mgmt port and that can't be changed.

Regarding the management vlan for web access you can simply create a vlan, add an IP to each device and add the necessary ports to it (uplink ports, etc).

After that just enable http globally using enable web http.
Userlevel 7
Hi Piotr - Welcome to The Hub!
Take a look at this thread for some additional insight on ways to use the mgmt port.
https://community.extremenetworks.com/extreme/topics/recommendation-for-configuration-of-management-...
Userlevel 6
Hi Piotr,

Here is an example/scenario:

X460 (port 10) <--> (port 11) X440-1 (port 12) <--> (port 13) X440-2 (port 14) <--> Management Station

X460 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 10 tagged
config vlan manager2 ipaddress 192.168.100.101/24
enable web http

X440-1 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 11,12 tagged
config vlan manager2 ipaddress 192.168.100.102/24
enable web http

X440-2 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 13 tagged
config vlan manager2 add port 14 untagged (untagged to connect the Management Station)
config vlan manager2 ipaddress 192.168.100.103/24
enable web http

Let's say your Management Station uses the IP 192.168.100.150/24. With the above config you will be able to access any of the 3 switches through web/http on the same vlan (without routing).

However, if the Management Station is connected in a different vlan/network, then you will have to:
  1. enable ipforwarding (to both manager2 and Management Station vlans)
  2. Add the vlans to a routing protocol (if used) or create static routes
Henrique wrote:

Hi Piotr,

Here is an example/scenario:

X460 (port 10) <--> (port 11) X440-1 (port 12) <--> (port 13) X440-2 (port 14) <--> Management Station

X460 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 10 tagged
config vlan manager2 ipaddress 192.168.100.101/24
enable web http

X440-1 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 11,12 tagged
config vlan manager2 ipaddress 192.168.100.102/24
enable web http

X440-2 configuration:

create vlan manager2 tag 123
config vlan manager2 add port 13 tagged
config vlan manager2 add port 14 untagged (untagged to connect the Management Station)
config vlan manager2 ipaddress 192.168.100.103/24
enable web http

Let's say your Management Station uses the IP 192.168.100.150/24. With the above config you will be able to access any of the 3 switches through web/http on the same vlan (without routing).

However, if the Management Station is connected in a different vlan/network, then you will have to:

  1. enable ipforwarding (to both manager2 and Management Station vlans)
  2. Add the vlans to a routing protocol (if used) or create static routes

Thanx for reply. I created vlan manager2, i taged it but stil i cant acces web configuration. I think it may bemproblem with virtual router. How to change Vlan virtual router?
Bud_1-X460.6 # show vlan---------------------------------------------------------------------------------------
Name VID Protocol Addr Flags Proto Ports Virtual
Active router
/Total
---------------------------------------------------------------------------------------
Default 1 172.16.98.1 /24 ------------------------- ANY 0 /0 VR-Default
manager2 123 192.168.1.1 /24 ------------------------- ANY 1 /2 VR-Default[/code]
Quick question, why do you want to use the web management interface?
Jeremy Gibbs wrote:

Quick question, why do you want to use the web management interface?

Im not so familiar with configuring switches using terminal. But i know what i want and what to search. With graphic GUI it is faster to get what i want without knowing all commands and how to use them.
esentialy i endup with something like this (using one pathcord to connect Managment port with port 22..but disgust remains that i cant do this software only way)
and created VLAN called management

Userlevel 7
Piotr Jakubczyk wrote:

esentialy i endup with something like this (using one pathcord to connect Managment port with port 22..but disgust remains that i cant do this software only way)
and created VLAN called management



A connection like that isn't recommended - you'll see strange issues.
This is further described in this thread: https://community.extremenetworks.com/extreme/topics/how-to-connect-the-management-port-to-the-netwo...

Reply