< Home

management-vlan

Function

Using the management-vlan command, you can configure a VLAN as a management VLAN.

Using the undo management-vlan command, you can cancel the configuration.

By default, no VLAN is configured as a management VLAN.

Format

management-vlan

undo management-vlan

Parameters

None

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To use a network management system to manage multiple devices, create a VLANIF interface on each device and configure a management IP address for the VLANIF interface. You can then log in to a device and manage it using its management IP address. If a user-side interface is added to the VLAN, users connected to the interface can also log in to the device. This brings security risks to the device.

After a VLAN is configured as a management VLAN, no access interface or dot1q-tunnel interface can be added to the VLAN. An access interface or a dot1q-tunnel interface is connected to users. The management VLAN forbids users connected to access and dot1q-tunnel interfaces to log in to the device, improving device performance.

Follow-up Procedure

Create a VLANIF interface corresponding to the VLAN and configure a management IP address on the VLANIF interface.

Precautions

VLAN 1 cannot be configured as a management VLAN.

You can run the display vlan command to view the management VLAN configuration. In the command output, the VLAN marked with a * is the management VLAN.

After a VLAN is configured as a management VLAN, only trunk and hybrid interfaces can be added to the VLAN.

Example

# Configure VLAN 100 as a management VLAN.

<HUAWEI> system-view
[HUAWEI] vlan 100
[HUAWEI-vlan100] management-vlan
Parent Topic: VLAN Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >