Switch Management Guide
I
NITIAL
 C
ONFIGURATION
2-7
Using the dedicated management port provides a back channel for 
troubleshooting when the switch cannot be reached through the data 
network. To provide additional security against eavesdropping on 
management traffic, leave the IP address for the data network (i.e., the 
VLAN containing ports 1-18) unconfigured.
To create a new VLAN and assign the management port to it, enter 
commands similar to those shown below:
1. From the Global Configuration mode prompt, type “vlan database” to 
access the vlan-configuration mode. Press <Enter>. 
2. Enter “vlan vlan-id media ethernet state active” where “vlan-id” should 
be set to a VLAN index that does not contain the data ports. 
3. Enter “vlan vlan-id name vlan-name” where “vlan-id” is the index for 
the management VLAN and “vlan-name” is a name chosen to 
represent the management VLAN. 
4. Return to the Global Configuration mode by entering the “exit” 
command.
5. At the Global Configuration mode prompt, type “interface ethernet 
1/19” to access the interface-configuration mode for Port 19. Press 
<Enter>.
6. Enter “switchport allowed vlan add 2 untagged” to add Port 19 as an 
untagged member of VLAN 2.
7. Enter “switchport native vlan 2” to configure the default VLAN ID 
for this port as VLAN 2. The default VLAN ID for all ports is VLAN 
1, and this must be reassigned to another VLAN before you can 
remove Port 19 from VLAN 1 as shown in the next step.
8. Enter “switchport allowed vlan remove 1” to remove Port 19 from the 
data network. 










