background image

SonicWall Switch Getting Started Guide

Configuring from the Firewall

43

Daisy-Chaining Switches

Switches can be setup with firewalls in standalone or daisy-chained configurations.

• Standalone mode

 — Up to four Switches can interface to a single firewall over separate ports. 

• Daisy Chain mode

 — Up to four Switches can be supported in three configurations.

a 1 Switch in standalone mode and three Switches connected to it in daisy chain mode.

b 2 Switches in standalone mode and with 1 Switch connected to each in daisy chain mode. 

c

3 Switches in standalone mode and 1 Switch connected to any of the Switches in daisy chain 
mode.

After connecting the child Switch to the parent Switch, the Switch will be visible in the 

Switch Controller > 

Overview

 page. Simply click the Authorize option and the Switch will be added in daisy chain manner

To add a Switch in daisy chain mode:

1 Select a Switch in standalone configuration to daisy-chain the additional Switch to. Then determine 

which ports to use to connect the additional Switch. 

2 Go  to 

MANAGE | Switch Controller > Overview 

and click on 

Add Switch

.

NOTE: 

Switches may be added into daisy-chained configurations manually or by using Zero-Touch. 

NOTE: 

Adding un-configured connections between the firewall and parent Switch will bring down the link 

between the parent Switch and a child Switch. To avoid this, configure additional links between the 
firewall and parent Switch before making the physical connection. 

Содержание SWS12 Series

Страница 1: ...SonicWall Switch Getting Started Guide...

Страница 2: ...20 Configuring from the Firewall 22 Firewall Switch Controller UI 22 Before Adding a Switch 23 Checking Switch Details 23 Adding a Switch to a Firewall with Zero Touch 24 Adding a Switch to a Firewall...

Страница 3: ...uring a Dedicated Uplink 61 Configuring a Hybrid System with Common and Dedicated Uplink s 63 Configuring Isolated Links for Management and Data Uplinks 64 Configuring HA and PortShields With Dedicate...

Страница 4: ...o your MySonicWall account If you do not have an account create one at https www mysonicwall com 3 Navigate to MyWorkspace Register Products and go through the steps 4 When you add a Switch at the fir...

Страница 5: ...des simple yet powerful PoE manageability with features such as IEEE 802 3af or IEEE 802 3at af ports PoE port management voice VLAN QoS static routing 802 1x authentication and access point managemen...

Страница 6: ...omains The Switch provides the Wired Security and also enhances port density Use it to segment a network into different VLANs or zones The Switch also supports access points which provides Wireless Se...

Страница 7: ...es can be managed from a SonicWall firewall WiFi Cloud Manager or directly from on premises or cloud based systems From top to bottom the models are SWS12 8 SWS12 8PoE Check Package Contents Check tha...

Страница 8: ...SFP Ports Small Form Pluggable ports 1 Gbps 4 PoE Mode LED Off PoE mode off Lit PoE mode on 12 SFP Link Act LED per SFP port Off No link Solid Green active1 Gbps link Blinking packet transfer in proc...

Страница 9: ...this booklet your package includes SonicWall Switch 2 rack mounting brackets with 8 screws Serial cable Safety Environmental and Regulatory Information booklet Power cable in figure above 10 A minimu...

Страница 10: ...current 3 Fault LED Off normal Lit Fault 10 Link Activity LED per copper port Off No link Solid Light link on Blinking packet transfer in process 4 PoE Max LED Off Additional PoE device may be added L...

Страница 11: ...D Off Additional PoE device may be added Lit PoE power limit exceeded 11 Link Act LED per copper port Off No link Lit link on Blinking packet transfer in process 5 LAN Mode LED Off LAN mode off Lit LA...

Страница 12: ...Max LED Off Additional PoE device may be added Lit PoE power limit exceeded 11 Link Act LED per copper port Off No link Lit link on Blinking Light packet transfer in process 5 LAN Mode LED Off LAN mod...

Страница 13: ...s For an overview on using SFP SFP refer to SonicWall 10 Gigabit Ethernet SFP Ports and 1 Gigabit Ethernet Ports For a list of third party SFP SFP modules refer to Supported SFP and SFP Modules For a...

Страница 14: ...SonicWall SFP SFP modules and ca bles https www sonicwall com customers contact sales 4 4 4 4 Fans 1 2 1 3 Power Supply 180 W 25 W 480 W 60 W 900 W Power Input 100 240 VAC 2 5 A 50 60 Hz 100 240 VAC...

Страница 15: ...ct to the Switch Local User Interface 1 Configure an IP address in the 192 168 168 0 24 subnet to access the Switch Local UI 2 Now power up the Switch and wait for it to fully boot Connect an Ethernet...

Страница 16: ...To change the password click on the edit icon To add Switch to a network with a DHCP server 1 Go to System Network and click on Action 2 In IPV4 SETTINGS select DHCP 3 Click OK and then connect the Sw...

Страница 17: ...ate to Network Routing to establish a static route Connecting via the Console Port Follow these steps to connect with the Command Line Interface for the switch Refer to Hardware Overview on page 7 loc...

Страница 18: ...ons as shown below This feature will allow changing the active firmware image after selection here and re booting New firmware can be loaded into the active or inactive partition 2 Click to select the...

Страница 19: ...stem Firmware and select upgrade details as below and click on apply 3 Once the Switch has rebooted log back into the Switch and verify the firmware version is properly updated IMPORTANT Once the firm...

Страница 20: ...rade 1 If you do not have a TFTP server on your PC download one Below we show one from https tftpd32 jounin net 2 Download the new firmware from software sonicwall com 3 Bring up the TFTP server note...

Страница 21: ...ttps www sonicwall com support knowledge base how can i login to the appliance using the c ommand line interface cli 170505641032025 3 Once connected to the Command Line Interface log in Defaults are...

Страница 22: ...g a Switch on page 23 List View Setting Up the Ports on page 37 VLAN View Adding a VLAN on page 32 Switches Switch Checking Switch Details on page 23 Networks Adding a VLAN on page 32 Users Setting Up...

Страница 23: ...r firewall interface can be portshielded to it The firewall interface linking to the Switch cannot be a PortShield group member that is it cannot be portshielded to another firewall interface Switches...

Страница 24: ...ro Touch To prepare firewall 1 Check that the firewall firmware is at the most recent level IMPORTANT Please register your Switch before trying to add it to a firewall See Registering Your Switch on p...

Страница 25: ...tch Navigate to Manage Network Interfaces and select an interface then click on Configure and select the Advanced tab Select Enable AutoDiscovery of SonicWall Switches 3 Connect the Switch to the sele...

Страница 26: ...h Getting Started Guide Configuring from the Firewall 26 5 Navigate to Manage Switch Controller Overview Click on Authorize button to add the Switch to firewall 6 The network topology will now appear...

Страница 27: ...t appears click on Add Switch The dialog box will appear ID The system will auto assign a consecutive number here IMPORTANT Please register your Switch before trying to add it to a firewall See Regist...

Страница 28: ...Chain when multiple Switches are added such that no Switch connects with more than two others Switch Management Management traffic flows on this interface Firewall Uplink This is the port on the fire...

Страница 29: ...irewall 29 Changing the Switch Configuration Click the three dot box to the right of the switch graphic in the Physical Overview display and then select Edit Check the Status and Link Details Navigate...

Страница 30: ...tch configuration details are correct including IP address serial number and Switch Management interface This can also be done by going to Switch Controller Switches and clicking on Configure See Chan...

Страница 31: ...itch 1 Simply depress the recessed reset Switch on the front panel for a second OR 1 Click on the 3 dot menu on the Switch image on the Overview page and click on Reboot Switch To reboot the Switch to...

Страница 32: ...n By limiting traffic to specific broadcast domains VLANs improve security Each VLAN in a network has an associated VLAN ID which appears in the IEEE 802 1Q tag in the Layer 2 header of packets transm...

Страница 33: ...ifies LAN Voice Priority Tag determines priority among active voice streams Differentiated Service Code Point defines QoS Use the Voice VLAN Settings to enable Voice traffic management and determine i...

Страница 34: ...uide Configuring from the Firewall 34 To Enable Disable Voice VLAN from the Physical View Simply go to MANAGE Switch Controller Overview and click on the port When the sideband display appears scroll...

Страница 35: ...tic route to a Switch 1 Navigate to Switch Controller Switches then select Static Routes and click on Add Static Route 2 Fill out the dialog box Destination IP address with 0 as the last octet x x x 0...

Страница 36: ...SonicWall Switch Getting Started Guide Configuring from the Firewall 36 Editing DNS To set DNS addresses go to Switch Controller Switches and select Network then click on Edit DNS...

Страница 37: ...To configure specific ports 1 Go to Switch Controller Overview and click on List View This can also be done from the Physical View 2 When the list appears click on the edit button for the specific po...

Страница 38: ...queue resulting in uninterrupted actions To set up QoS for a Switch 1 Navigate to Switch Controller Switches and click on QoS 2 Set Egress Policy The first screen details Egress Policy which applies f...

Страница 39: ...9 4 To set class of service click on CoS In the CoS Class of Service screen the CoS priority tag values where 0 is the lowest and 7 is the highest are related to eight traffic priority queues from 1 t...

Страница 40: ...the PoE module The Device Discovery Protocol lets the device discover powered devices attached to device interfaces and learns their classification Disabled Disables the Device Discovery protocol and...

Страница 41: ...Guide Configuring from the Firewall 41 Setting Up Users Users with different access levels admin and user can be defined by navigating to Switch Controller Switches and clicking on Users Users are li...

Страница 42: ...d to access resources located on the protected side of the network The Switch uses 802 1X to enable or disable port access control to enable or disable the Guest VLAN and to enable or disable the forw...

Страница 43: ...After connecting the child Switch to the parent Switch the Switch will be visible in the Switch Controller Overview page Simply click the Authorize option and the Switch will be added in daisy chain m...

Страница 44: ...hot in Step 2 It is the second column in the row for this Switch Parent Switch Uplink Interface on parent Switch which is connected to the child Switch Switch Uplink This is the port through which the...

Страница 45: ...ng graphic exemplifies a firewall Switch access point configuration To manage an access point through a Switch this procedure refers to the following diagram 1 Connect Port 1 of Switch to X2 interface...

Страница 46: ...ets an IP address from the configured network To do this in the firewall GUI go to Access Points Base Settings and select SonicWave Object For details on configuring the SonicWave object see Configuri...

Страница 47: ...Mask The default is 255 255 255 0 6 Use the default settings or select appropriate settings for the other fields and then click OK To Configure the WLAN Zone 1 In the MANAGE view on the System Setup N...

Страница 48: ...ireless under SonicPoint SonicWave Settings select Only allow traffic generated by a SonicPoint SonicWave to allow only traffic from SonicPoints SonicWaves to enter the WLAN zone interfaces providing...

Страница 49: ...the Authentication Type for your wireless network SonicWall recommends using WPA2 as the authentication type if all client devices support it 5 Select the Cipher Type When using WPA and WPA2 SonicWall...

Страница 50: ...lients lists of available wireless connections Hiding the SSID provides additional security because it requires that you know the access point name before connecting 3 When finished configuring all op...

Страница 51: ...ime specifies the time before an entry ages and is discarded from the MAC address table The range is from 0 to 1000000 The default value is 300 seconds Entering the value 0 disables MAC aging This age...

Страница 52: ...tarted Guide Configuring from the Firewall 52 Checking Port Statistics The statistics table for a Switch can also be reached through Switch Controller Switches Statistics This table presents details o...

Страница 53: ...configured by a single STP would work but it becomes more efficent to use the alternate paths available by using an alternate spanning tree for different VLANs or groups of VLANs MSTP which is based...

Страница 54: ...STP from Physical View Simply go to MANAGE Switch Controller Overview and click on the port When the sideband display appears scroll to STP state as shown below Changing Firmware Switches Firmware en...

Страница 55: ...UI To access the Switch local user interface refer to Connecting over Ethernet on page 15 For a detailed description of the the Switch Local User Interface see Switch documentaion on the SonicWall do...

Страница 56: ...ude Common uplink configuration Dedicated uplink configuration Hybrid configuration with common and dedicated uplink s Isolated links configuration for management and data traffic HA and PortShield co...

Страница 57: ...interface cannot be a bridge primary or bridge secondary interface The Switch side of the uplink interface cannot have any children it cannot be a parent interface for children interfaces The Firewal...

Страница 58: ...at a high amount of data traffic can penalize forwarding of management traffic as the same link is shared for both types of traffic The diagram Common Uplink Topology shows a typical integration topol...

Страница 59: ...twork DHCP Server and click on the Configure icon pencil for the X3 interface b Setup the DHCP lease to cover the Switch management IP address The default IP address for the Switch management interfac...

Страница 60: ...SonicWall Switch Getting Started Guide Configuring Basic Topologies 60 3 In Overview Physical View a single link should now appear between the firewall and the Switch...

Страница 61: ...ch a configuration is using up interfaces on the firewall fairly soon Dedicated Uplink Topology shows a dedicated uplink setup of a firewall with a Switch There are two dedicated uplinks in this scena...

Страница 62: ...ommon uplink 1 Set up the Switch as described in Adding a Switch to a Firewall Manually on page 27 2 To set up a link as a dedicated uplink without management traffic in the Add Switch diaglog box set...

Страница 63: ...n link between X3 on the firewall and port 1 on the Switch carries PortShield traffic for firewall interfaces other than X0 Ports X0 and 11 for the dedicated uplink are trunk mode ports for the VLAN c...

Страница 64: ...shows an isolated link setup of a firewall with a Switch The link between X2 on the firewall and port 1 on the Switch carries management traffic to the Switch In such a configuration X2 is configured...

Страница 65: ...h is configured in same subnet as the Management IP address of the Switch 2 Connect Switch port 2 to X3 of the firewall 3 Navigate to Switch Controller Overview and click on the Add Switch button 4 Wh...

Страница 66: ...Switch are portshielded to X4 with the dedicated uplink option enabled Ports 2 and 4 are portshielded to X3 Ports 3 and 5 are portshielded to X4 When the primary unit acts in active HA mode traffic be...

Страница 67: ...e management and uplinke interfaces from their respective drop down menus and click on Add b Set management uplinks for both Primary and Secondary firewalls to to Switch port 1 and firewall interface...

Страница 68: ...unit is connected to port 1 X0 of the secondary unit is connected to port 7 When the primary firewall is active the link between X0 of the primary and port 1 of the Switch carry the management traffic...

Страница 69: ...for the two Switches Define one as Primary and the other as Secondary b Set Firewall and Switch Uplink options to None 3 Click ADD NOTE The Firewall Uplink and Switch Uplink options are not relevant...

Страница 70: ...y firewalls HA Pair Using a Common Switch Topology shows a firewall pair and two Switches The link between X3 and Switch 1 is set up as a common uplink Similarly the link between X2 and Switch 2 is se...

Страница 71: ...r Switch 2 X3 Firewall uplink on the firewall for Switch 1 Switch 1 Interfaces 10 Host facing interface portshielded to X0 21 Switch uplink for the primary firewall 23 Switch uplink for the secondary...

Страница 72: ...verlapping VLANs cannot exist under common uplink interfaces For example if X3 is set up as a common uplink to a Switch and VLAN 100 exists under X3 another interface that is configured as a common up...

Страница 73: ...a trunk to carry VLAN 100 Port 11 is portshielded to X5 and configured as a trunk to carry VLAN 150 Port 12 is portshielded to X5 and configured as an access to carry VLAN 200 Configuring a Dedicated...

Страница 74: ...the Interface Settings table click the Configure icon for the interface you want to configure The Edit Interface dialog displays 5 From Zone select on a zone type option to which you want to map the i...

Страница 75: ...oints with RJ45 are portshielded to that dedicated port If the SonicWall access points are behind the firewall and are to be managed the pair of ports on the firewall and the Switch must be configured...

Страница 76: ...l go to https www sonicwall com support The Support Portal enables you to View knowledge base articles and technical documentation View and participate in the Community forum discussions at https comm...

Страница 77: ...FORMATION ARISING OUT OF THE USE OR INABILITY TO USE THIS DOCUMENT EVEN IF SONICWALL AND OR ITS AFFILIATES HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES SonicWall and or its affiliates make no...

Отзывы: