Meraki

Community

Management Vlan best practices

Solved
SAM-Al
Here to help
‎Jun 18 2019 2:48 AM
‎Jun 18 2019 2:48 AM

Management Vlan best practices

Hi guys,

 

Would you please advise about Meraki best practice for the management vlan? 

In  my test network I have pair of MXs followed by pair of aggregation switches which feed couple of access switches and WAPs...

All my vlans are configured in the aggregation switches where the intervlan routing happens....the current management vlan for the WAPs and the switches is Vlan 1 which  is same as the MX gateway that facing the aggregation switches.

Any idea about the best practice that I should follow?

I know above can cause issue for especially I'm planning to use RADIUS server one will sit in house and back up one in Azure.

Please let me know

 

Thanks 

0 Kudos
1 Accepted Solution
AlexC
Meraki Employee
Meraki Employee
‎Jun 19 2019 8:44 AM
‎Jun 19 2019 8:44 AM

Hi @SAM-Al

 

It is recommended to have a dedicated VLAN for management traffic, although not always required, per our KB article for Understanding and Configuring Management VLANs.

 

In your case, I would recommend configuring your aggregation switches' management interfaces in the transit VLAN (so that they can still function if anything happens downstream), and then creating a management VLAN on the aggregation switches for the remaining downstream equipment (access switches, APs, etc).

 

As long as routing is configuring properly, you shouldn't have an issue with on-premise or cloud based RADIUS server.

 

Cheers,

 

-Alex

If this was helpful, click the Kudos button below.
Please mark it as a solution if solved your issue so others can benefit from it 🙂

View solution in original post

1 Reply 1
AlexC
Meraki Employee
Meraki Employee
‎Jun 19 2019 8:44 AM
‎Jun 19 2019 8:44 AM

Hi @SAM-Al

 

It is recommended to have a dedicated VLAN for management traffic, although not always required, per our KB article for Understanding and Configuring Management VLANs.

 

In your case, I would recommend configuring your aggregation switches' management interfaces in the transit VLAN (so that they can still function if anything happens downstream), and then creating a management VLAN on the aggregation switches for the remaining downstream equipment (access switches, APs, etc).

 

As long as routing is configuring properly, you shouldn't have an issue with on-premise or cloud based RADIUS server.

 

Cheers,

 

-Alex

If this was helpful, click the Kudos button below.
Please mark it as a solution if solved your issue so others can benefit from it 🙂
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.