Slightly OT trying to get to grips with accessing several devices on different subnets.
All networks are subnets from a firewall router which itself is also a managed switch. All the subnets are in turn to my managed switch and each switch port is set up for its own VLAN, e.g. V100, V200, V300 etc.
I am trying to understand how a Management Vlan should work. What I wish to do is to be able to access all of the devices in all subnets through their management ports from my desktop or laptop.
My thinking is that all devices should, for management purposes, have their LAN address set as static IPs within one subnet. Is this the right way to proceed?
Is it possible for my desktop or laptop to be vlan aware and enable my NIC to use vlan1?
You need to explain what you call “Management VLAN”. If you have a Cisco switch, the management VLAN is the VLAN that carries switch-to-switch control traffic. It has absolutely nothing to do with (management of) devices connected to switches.
My thinking is that all devices should, for management purposes, have their LAN address set as static IPs within one subnet. Is this the right way to proceed?
It is entirely up to you. Before asking “is this solution the right way” you need to define what you are trying to achieve. What can be understood so far - you already can reach each device connected to your LAN. What is the exact reason you want to use yet another VLAN?
Is it possible for my desktop or laptop to be vlan aware and enable my NIC to use vlan1?
Just configure additional VLAN interface on top of your physical NIC. Of course you also need to configure additional VLAN on switch port to which that NIC is connected.
As will be apparent, I have no networking expertise but shall try and explain further what I am trying to achieve.
I am using mostly Netgear managed switches. I wish to use a VLAN to facilitate management and alterations to remote devices within our network which are otherwise on separate subnets.
My thinking was that a management vlan would be the easiest way to manage and control these devices. I was intending to set up a separate subnet for this purpose.
We have several different functional requirements of our network, for example: WiFi APs for guests connected by VLAN with L2 isolation directly to the Internet, accounting systems in different offices which are intended to be secure, reservation and card payment systems, back of house inventory and stock system, multimedia systems both for hospitality functions, guest and private use.
By “configure additional VLAN interface on top of your physical NIC” I understand you to mean I have a LAN connection to a managed switch port configured with the said management VLAN. Similarly I can set up a (hidden) SSID which connects to this same VLAN if I need to make changes away from my desktop by using a laptop. Where I need help is ensuring that this arrangement is secure and appropriate.
Hope this makes sense and thanks for the reply.
BTW many thanks to you and all your colleagues for getting the Forum back up and running. All without difficulty for me except that I am no longer receiving email notification of my post. Is there something I have missed?
It might help if you can draw and share a basic network diagram to explain your proposed network topology (i.e. show us what you’d like to achieve graphically).
Hi Deano, great links and just what I needed. My previous reading had been cluttered by proprietary stuff and I wanted the basics so many thanks.
Will get back when I have done my homework if I get stuck!