Filter
Top Products
Port-Based Virtual LANs (VLANs) and GVRP
Port-Based Virtual LANs (Static VLANs)
The Secure Management VLAN
Configures a secure Management VLAN by creating an isolated network for
managing the HP Procurve switches that support this feature. (As of June 1,
2002, includes the HP Procurve Series 5300XL switches and Series 5300XL
switches.) Access to this VLAN, and to the switch’s management functions
(Menu, CLI, and web browser interface) is available only through ports
configured as members.
Multiple ports on the switch can belong to the Management VLAN. This
allows connections for multiple management stations you want to have
access to the Management VLAN, while at the same time allowing Man-
agement VLAN links between switches configured for the same Manage-
ment VLAN.
Only traffic from the Management VLAN can manage the switch, which
means that only the workstations and PCs connected to ports belonging
to the Management VLAN can manage and reconfigure the switch.
Figure 11-20 illustrates use of the Management VLAN feature to support
management access by a group of management workstations.
Links with Ports Belonging to the Management VLAN and other VLANs
Links Between Ports on a Hub and Ports belonging to the Management
VLAN
Links Not Belonging to the Management VLAN
Links to Other Devices
Hub Y
Switch A
Hub X
Switch B
Server
Switch C
Management Workstations
• Switches “A”, “B”, and
“C” are connected by
ports belonging to the
management VLAN.
• Hub “X” is connected
to a switch port that
belongs to the
management VLAN. As
a result, the devices
connected to Hub X are
included in the
management VLAN.
• Other devices
connected to the
switches through ports
that are not in the
management VLAN are
excluded from
management traffic.
Figure 11-20. Example of Potential Security Breaches
11-27