Specifying a management vlan – Allied Telesis AT-S63 User Manual

AT-S63 Management Software Menus Interface User’s Guide

Section VI: VLANs

633

Specifying a Management VLAN

The management VLAN is the VLAN on which an AT-9400 Series switch
expects to receive management packets. This VLAN is important if you will
be managing a switch remotely or using the enhanced stacking feature of
the switch.

Management packets are packets generated by a management station
when you manage a switch using the Telnet application protocol or a web
browser. The switch acts upon the management packets only if they are
received on the management VLAN.

The default management VLAN on an AT-9400 Series switch is the
Default_VLAN. If you do not create any additional VLANs and link the
switches together using untagged ports, then there is no need to specify a
new management VLAN in order to remotely manage the devices.

However, if you create additional VLANs on your switches, it may be
necessary for you to create a management communications path and then
specify that path as the new management VLAN.

Below are several rules to observe when using this feature:

ˆ

The management VLAN must exist on each AT-9400 Series switch
that you want to manage.

ˆ

Using the following procedure, you must specify the management
VLAN in the AT-S63 management software on each slave and master
switch of an enhanced stack.

ˆ

The uplink and downlink ports on each switch that are functioning as
the tagged or untagged data links between the switches must be either
tagged or untagged members of the management VLAN.

ˆ

When managing a switch or enhanced stack remotely using Telnet,
SSH or a web browser, the remote management workstation must be
communicating with the switch through the management VLAN. (This
rule does not apply when managing the switch locally through the RJ-
45 terminal port.)

As an example, assume that you have an enhanced stack of seven
AT-9400 Series switches with one master switch. If the uplink and
downlink ports between the various switches are members of the
Default_VLAN and if the management station is connected to a port of the
Default_VLAN, you can manage all the switches because the
Default_VLAN is the default management VLAN.

Now assume that you decide to create a VLAN called NMS with a VID of
24 for the sole purpose of remote network management. For this, you
need to create the NMS VLAN on each AT-9400 Series switch that you
want to manage remotely, being sure to assign each NMS VLAN the VID