Management Interface Assignment best practice

Forum|Forum|8 years ago
January 25, 2018
1 reply
13581 views

Hello,

I have question when configuration Dedicated Management interface for my firewall.

Should I put it to root VDOM? or I should create another new VDOM and assign it there? or another better practice?

Thanks!

5.6

Toshi_Esumi

SuperUser

It wouldn't be a matter if the purpose of the mgmt interface(s) is to get in the unit out-of-band with a super-user admin. We leave them in the default root vdom.

machiasiawebAuthor

New Member

Then the others ports like WAN is better to split into another VDOM?

One reason is if mgmt interface is using different path compare with WAN port to access Internet.

Another reason is better to manage.

Toshi_Esumi

SuperUser

Mgmt interfaces can't be used to carry user traffic. It wouldn't even show up in routing table. You probably saw (didn't see) in root vdom by now. It's dedicated to management purpose only. All the other ports can be used for any routings&firewallings, which you might want to move around vdoms depending on your network design with multiple vdoms.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded