Configuring a management VLAN on a WLAN device

To use a remote network management system to centrally manage APs, create a VLANIF interface on each AP and configure a management IP address for the VLANIF interface. You can then log in to an AP through STelnet and manage it using its management IP address. If a user-side interface is added to the VLAN, users connected to the interface can also log in to the APs. This brings security risks to the AP.
In this case, you can configure the VLAN as a management VLAN to prohibit access or dot1q-tunnel interfaces from being added to the VLAN. An access interface or a dot1q-tunnel interface is connected to users. The management VLAN forbids users connected to access and dot1q-tunnel interfaces from logging in to the AP, improving AP security.
You can configure a management VLAN as follows:
1. Run the system-view command to enter the system view.
2. Run the vlan xx command to enter the VLAN view.
3. Run the management-vlan command to configure a management VLAN. After a management VLAN is configured, only trunk or hybrid interfaces can be added to the management VLAN. VLAN 1 cannot be configured as a management VLAN.
4. Run the quit command to exit from the VLAN view.
5. Run the interface vlanif xx command to enter the VLANIF interface view.
6. Run the ip address ip-address { mask | mask-length } [ sub ] command to configure an IP address for the VLANIF interface. After the configuration is complete, you can run the stelnet command to log in to the AC to manage APs.
7. Check the configuration. Run the display vlan command to view information about the management VLAN in the line starting with an asterisk sign (*).

Other related questions:
Configuring a management VLAN on a WLAN device
Creating a VLAN on a WLAN device
If you have more questions, you can seek help from following ways:
To iKnow To Live Chat To Google
Scroll to top