Unsolved
This post is more than 5 years old
3 Posts
0
10360
Best practise to realise management ports on iscsi/san switches
Hello,
currently we have a management VM in our SAN, just to get to the management IPs of our SAN switches. I want to change that and remove all hosts from the SAN network.
My idea was to setup a management vlan, put one port on the iscsi switch in that vlan and configure the management ip and vlan to that port. Than I would connect that port to our "normal" traffic network. That way, there would be no "bridge" between our SAN network an normal traffic and I would also be able to configure my san switches from my normal workstation.
The problem I ran into was that I somehow need to allow traffic from some ips in my lan-vlan to access the the management IPs.
How would you solve this?
Anonymous
5 Practitioner
5 Practitioner
•
274.2K Posts
0
September 5th, 2014 07:00
To get the devices on different VLANs to communicate with each other, you will need a layer 3 device on the network performing VLAN routing. Once VLAN routing is setup you can then restrict access by using ACLs.
www.dell.com/.../pwcnt_IP_ACLs.pdf
www.dell.com/.../app_note_10.pdf
Hope this info helps.
Cheers