Security Management

  • 1.  Questions about the console port and mgmt port on the back of a ex3400

    Posted 02-23-2018 10:06

    what is the difference between the console port and the managment port on the back of a ex3400?  I'm confused cause it looks like they do the exact thing.  Can someone explain the differences to me?  Sorry for my confusion, and thank you for your time!



  • 2.  RE: Questions about the console port and mgmt port on the back of a ex3400

    Posted 02-23-2018 10:58

    the console port is for serial management. Usually directly to your laptop or via an console server.

     

    The management port is a physical port which can be assigned an IP either via DHCP or static for out-of-band management of the switch. You cannot pass traffic from the revenue ports to the management port and visa versa.

     



  • 3.  RE: Questions about the console port and mgmt port on the back of a ex3400

    Posted 02-23-2018 23:51

    Console port - Console ports allow root access to the Junos operating system (Junos OS) devices through a terminal or laptop interface, regardless of the state of the Junos OS device, unless it is completely powered off. By connecting to the console port, you can access the root level of the Junos OS device without using the network to which the device might or might not be connected. This creates a secondary path to the Junos OS device without relying on the network.

    You will need supported console cable to have this access.

     

    Ref - https://www.juniper.net/documentation/en_US/junos/topics/concept/console-port-understanding.html

     

    OOB port - You can monitor and manage these devices by using a dedicated management channel. Each device has a management port to which you can connect an Ethernet cable with an RJ-45 connector. Use the management port to connect the device to the management device.

     

    Since it is out of band port, it will be isolated from the traffic which is passing through the device. Also, it requires and IP address configured on the device and plain RJ 45 cable (CAT5 or CAT 6) to have the access.

     

    Ref - https://www.juniper.net/documentation/en_US/release-independent/junos/topics/task/installation/port-out-of-band-management-connecting.html



  • 4.  RE: Questions about the console port and mgmt port on the back of a ex3400

    Posted 02-26-2018 11:59

    So does that man that i can "manage" the switch through either port?  From my understanding of what being posted, both "ports" allow for managment, it's just that one is more of a "direct" connection, and the other is a "network" connection.

     

    Also, with the oob network connection (and pardon me for my ignornace), am i just running a cat cable from that back oob port to a port on the front side of the switch?  What is best practice for where people plug the cable from the oob port to?



  • 5.  RE: Questions about the console port and mgmt port on the back of a ex3400
    Best Answer

    Posted 02-26-2018 19:54

    So does that man that i can "manage" the switch through either port?  From my understanding of what being posted, both "ports" allow for managment, it's just that one is more of a "direct" connection, and the other is a "network" connection.

     

    yes..However, mostly when inband or out of band networks are not reachable, console becomes the option of last resort. Also it is used during the root password recovery or upgrades..

     

    Also, with the oob network connection (and pardon me for my ignornace), am i just running a cat cable from that back oob port to a port on the front side of the switch?  What is best practice for where people plug the cable from the oob port to? - 

    couple of ways you may want to try it. 

    1. you can create seperate network of switches for connecting OOB ports

    2. Or you may create a seperate vlan in the same switch and loop the oob cable in one of front port to carry that vlan till core switch.

     

    HTH..