Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

391

392

393

394

395

396

397

398

399

400

Configuring VLANs

March 15, 2011 Page 15 of 20

Procedure 2providesanexampleofhowtocreateasecuremanagementVLAN.Thisexample,

whichsetsthenewVLANasVLAN2,assumesthemanagementstationisattachedtoge.1.1,and

wantsuntaggedframes.Theprocessdescribedinthi ssectionwouldberepeatedoneverydevice

thatisconnectedinthe

networktoensurethateachdevicehasasecuremanagementVLAN.

Configuring Dynamic VLANs

Procedure 3describeshowtoenabletheGARP(GenericAttributeRegistrationProtocol)VLAN

RegistrationProtocol(GVRP),whichisneededtocreatedynamicVLANs.Bydefault,GVRPis

enabledgloballybutdisabledattheportlevel.GVRPmustbegloballyenabledandalsoenabled

onspecificportsinordertogenerateandprocess

GVRPadvertisementframes.

Procedure 2 Secure Management VLAN Configuration

Step Task Command(s)

1. (Applies to X-Series only.) Configure the ports to

be used as switch ports.

set port mode host.0.1; ge.1.1 2

switched

2. Create a new VLAN. set vlan create 2

3. Set the PVID for the host port and the desired

switch port to the VLAN created in Step 2.

set port vlan host.0.1; ge.1.1 2

4. If not done automatically when executing the

previous command, add the host port and

desired switch port(s) to the new VLAN’s egress

list.

set vlan egress 2 host.0.1; ge.1.1 2

untagged

5. Set a private community name to assign to this

VLAN for which you can configure access rights

and policies.

set snmp community private

Note: By default, community name—which determines remote access for SNMP management—is

set to public with read-write access. For more information, refer to your device’s SNMP

documentation.

Note: Refer to “GARP VLAN Registration Protocol (GVRP) Support” on page 8 for conceptual

information about GVRP.

Procedure 3 Dynamic VLAN Configuration

Step Task Command(s)

1. Show existing GVRP configuration for a port or

list of ports.

If no port-string is entered, the global GVRP

configuration and all port GVRP configurations

are displayed.

show gvrp [port-string]

2. If necessary, enable GVRP on those ports

assigned to a VLAN. You must specifically

enable GVRP on ports, since it is disabled on

ports by default.

set gvrp enable port-string

3. Display the existing GARP timer values. show garp timer [port-string]