• August 14, 2020, 02:23:11 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Two switches and management vlan problem  (Read 377 times)

Tomtomm

  • Level 1 Member
  • *
  • Posts: 3
Two switches and management vlan problem
« on: July 01, 2020, 01:17:23 AM »

Hello,
English is not my first language so it will be hard for me to explain my problem but I hope I will be understood:

I have two 1100 series switches, one is stand one 08 and second one is 08P with poe, I will call poe one first and without poe second. So there is fiber network device(ZTE F601) connected to first switch and this one gives power and data to second switch. Internet, iptv works, management over network works but only for first switch i cant get remote access to second switch. Below I will post pictures of both switches vlan configuration and fiber device config:

First switch:



Second switch:



fiber device that first switch is connected to:



In those pictures, vlan 100 is internet vlan, vlan 101 is iptv vlan and vlan 102 is management vlan, lan cable connects both switches through port 8. Both switches have set up static addresses to get remote access, first one address is 192.168.100.166 and second 192.168.100.167 and as I said I can get remote acccess to first switch but not second one. In config I posted I cant get any mac to show on vlan 102, when I change second switch vlan 102 to untagged instead of tagged one mac shows on 97 vlan and port 8, I think its first switch mac. Please help me

Logged

Tomtomm

  • Level 1 Member
  • *
  • Posts: 3
Re: Two switches and management vlan problem
« Reply #1 on: July 03, 2020, 05:49:30 AM »

Is this forum alive ?
Logged

PacketTracer

  • Level 4 Member
  • ****
  • Posts: 435
Re: Two switches and management vlan problem
« Reply #2 on: July 03, 2020, 02:54:16 PM »

Hi,
after having read your scenario I still don't have a complete view:

  • Management VLAN 102 only exists at port 8 of either switch and nowhere else. And port 8 is used by the cable that interconnects both switches. Hence no third device (a management station?) connected to ports 1-7 of any switch can ever reach any switch's management interface, if it listens on VLAN 102 instead of VLAN 1 (default).

  • Your ZTE F601 is connected to one of the ports 1-7 of the first switch, where management VLAN 102  isn't available. Hence the presence of ID 102 in the TaggedVlanList of the ZTE F601's Ethernet port doesn't make any sense to me. Shall ZTE F601 have access to Management VLAN 102?

  • The switch's default setting for the management interface is to only be accessible via VLAN 1. If you want to use VLAN 102 instead, you have to configure that within "L2 Features > VLAN > Management VLAN" (did you?). As soon as you do so, you'll probably lose the connection to the switch, because your (probably non-VLAN-aware?) management PC was connected via a VLAN 1 port initially (that is any port, because it is an untagged member of VLAN 1 by default), where the management interface isn't available any more. Hence, if you want to change the management VLAN from 1 to 102, first configure some switch port for VLAN 102 (either tagged, or if untagged also set that port's PVID to 102 either), where you can plug your management PC to regain access to the management interface after switching over to listening on VLAN 102. If you configured the port to be a tagged member of the management VLAN 102 you also have to take care, that the management PC sends and can receive ethernet frames tagged with VID 102 either!

  • Finally, whenever you configure a port to be an untagged member of some VLAN ID other than 1, make sure that you also change that port's PVID ("L2 Features > VLAN > 802.1Q VLAN PVID Settings") to that VLAN ID either.
« Last Edit: July 03, 2020, 03:15:55 PM by PacketTracer »
Logged

Tomtomm

  • Level 1 Member
  • *
  • Posts: 3
Re: Two switches and management vlan problem
« Reply #3 on: July 05, 2020, 04:31:26 AM »

Hi,
after having read your scenario I still don't have a complete view:

  • Management VLAN 102 only exists at port 8 of either switch and nowhere else. And port 8 is used by the cable that interconnects both switches. Hence no third device (a management station?) connected to ports 1-7 of any switch can ever reach any switch's management interface, if it listens on VLAN 102 instead of VLAN 1 (default).

    im starting to see problems in this setup i didnt see before, i wrote i they arr connected though port 8 but thats a mistake, port 8 in first switch od connected to ZTE f601 do i must connect second switch to first though ports 1-7

  • Your ZTE F601 is connected to one of the ports 1-7 of the first switch, where management VLAN 102  isn't available. Hence the presence of ID 102 in the TaggedVlanList of the ZTE F601's Ethernet port doesn't make any sense to me. Shall ZTE F601 have access to Management VLAN 102?

    mistake on my config od that f601 is connected to main switch port number 8 and second switch is connected to one of other 7 free ports where i dont have vlan 102...

  • The switch's default setting for the management interface is to only be accessible via VLAN 1. If you want to use VLAN 102 instead, you have to configure that within "L2 Features > VLAN > Management VLAN" (did you?). As soon as you do so, you'll probably lose the connection to the switch, because your (probably non-VLAN-aware?) management PC was connected via a VLAN 1 port initially (that is any port, because it is an untagged member of VLAN 1 by default), where the management interface isn't available any more. Hence, if you want to change the management VLAN from 1 to 102, first configure some switch port for VLAN 102 (either tagged, or if untagged also set that port's PVID to 102 either), where you can plug your management PC to regain access to the management interface after switching over to listening on VLAN 102. If you configured the port to be a tagged member of the management VLAN 102 you also have to take care, that the management PC sends and can receive ethernet frames tagged with VID 102 either!

  • Finally, whenever you configure a port to be an untagged member of some VLAN ID other than 1, make sure that you also change that port's PVID ("L2 Features > VLAN > 802.1Q VLAN PVID Settings") to that VLAN ID either.

Overall i think i need to change config od one of 7 ports in main switch since 8 is connected to f601...
Logged