This might be a little outside the normal scope of this forum, but I figure people here might have some answers.
So I will have two switches in a colocation cabinet (both Cisco SG350-52). One is for LAN connections, and one is to share colocation internet, which comes in over a single 1G ethernet cable.
How do I get access to the management interface of the internet switch without leaving it publicly accessible? If I just plug it into the LAN switch, that lets any traffic cross between switches, causing a number of issues.
I thought VLANs would be the answer, but my experimentation at home with them (using a new SG350 switch) has not been very fruitful. When I create a new VLAN and assign a port to it, that port loses its connection to my LAN, which has nothing but dumb switches, which presumably default to VLAN 1.
So if I create a VLAN for only internet traffic, won't that prevent my uplink port at the data center from seeing those ports? Or are they likely to have the uplink configured as a member of all VLAN ID's?
Going the opposite route and creating a VLAN for all LAN connections seems to be a chicken and egg problem, as I'll eventually run into the situation where I move a port I'm using into the VLAN and lose access to the management interface.
Needless to say, my experience with this side of networking is limited.
Am I missing something simple?
So I will have two switches in a colocation cabinet (both Cisco SG350-52). One is for LAN connections, and one is to share colocation internet, which comes in over a single 1G ethernet cable.
How do I get access to the management interface of the internet switch without leaving it publicly accessible? If I just plug it into the LAN switch, that lets any traffic cross between switches, causing a number of issues.
I thought VLANs would be the answer, but my experimentation at home with them (using a new SG350 switch) has not been very fruitful. When I create a new VLAN and assign a port to it, that port loses its connection to my LAN, which has nothing but dumb switches, which presumably default to VLAN 1.
So if I create a VLAN for only internet traffic, won't that prevent my uplink port at the data center from seeing those ports? Or are they likely to have the uplink configured as a member of all VLAN ID's?
Going the opposite route and creating a VLAN for all LAN connections seems to be a chicken and egg problem, as I'll eventually run into the situation where I move a port I'm using into the VLAN and lose access to the management interface.
Needless to say, my experience with this side of networking is limited.
Am I missing something simple?