In my network we configured 5 VLANs( STATIC VLANs) and placed each switch in each floor. I want to allow my manager to access all VLANs from any where he connects the network. how do i configure this setup? Thanks & Regards, Rajesh.M

We’re missing a lot of info here – how did you create the VLAN’s? What platform? Do you have a router to connect them? Do you require ONLY one person to have access to all 5 (much trickier)?

  • Paul144hart
    Your solution may be to create another VLAN that be added to all ports as allowed access to the other independent VLANs. (It sounds like you are making them independent and isolated from each other)
  • Astronomer
    Based on the minimal information provided, I assume you have five static VLANs, each with a different IP subnet. You have a router connecting these subnets. All clients point to the router IP on their subnet as the default gateway. You want your manager to be able to reach all subnets from whichever one he connects to. If you are running a properly configured DHCP server, (and forwarding correctly on the router), providing IP configurations for all of the subnets, then there shouldn't be an issue to see any other subnet once the client gets a proper IP for the subnet it is on. If you aren't running DHCP, then the system will need to have its IP, default gateway, and possibily subnet mask changed whenever it is moved from one VLAN to another. This arrangement allows anyone from any VLAN to reach any other node regardless of which subnet you are on. As indicated by another response, if want only the manager to see everyone from any VLAN, this becomes much more complicated. rt
  • Vladimiro
    Well, as said the information is minimal but here goes my cup of tea. Did you establish the VLAN by configuring the router (or switch) directly? If so, then i guess you'll have to determine a common port to all five VLAN's and connect a switch to it. This switch will receive all the 5 connections from each floor... of course this means that you will have a fixed point of connection in each floor that only your manager must have access to. I hope this helps and best regards, Vladimiro F.
  • Douger
    OK, I'll weigh in here just because I have been doing a lot of research and testing of vlan setup in my network lately. If you have a layer 2 switch on each of these floors and they are connected to each other you can do this: Create a new vlan on each switch with a new vlan id that includes each of the computers/servers/printers/whatever network connected device that you want your manager to be able to access. The vlan id should be the same on all switches. Set the switches so that the link between them is an 802.1Q trunk, this allows the tagged packets to carry their tags between switches. Then make the primary vlan id for the port the managers machine is connected to the same as the new vlan id vlans you created. This should tag all packets from the managers machine with that vlan id, and when they arrive at the switch they will be still have the tag as they have traveled over 802.1Q trunks. With that tag in place, the packets will have access to all of the ports in the vlan whose id matches the tag. The computers/printers/servers etc. should connect to untagged ports on the switch. The ports that link to other switches should be 802.1Q trunks and be tagged. The idea is to get that tag on the packet from end to end, and then have the resources in the vlan that matches the tag. I have had good results with doing this on switches from the same manufacturer. When I tried to add a couple of older switches they did not interoperate in precisely the same fashion. Best - Doug
  • Michael78
    All switches 5 are on the same network (subnet)All switches mast have a management vlan 1 witch mast be no shutdown and you have at least assign 1 port in it , so then will be able to use this port, to manage the switches in each floor. You need and dhcp server for addressing , you can use and static ip but you change the ip configuration all the time.the other step, is to connect the switches each other by trunk ports (encapsulation dot1q). Important is, managements vlan 1 from all switches to be within the same subnet
