• SonicOS 7
• Overview
  • Before Adding a Switch
  • Enabling the Switch
  • Setting Up Ports
  • Checking Switch Details
• Managing from a Firewall
  • Adding a Switch to a Firewall with Zero-Touch
  • Adding a Switch to a Firewall Manually
  • Changing the Switch Configuration
  • Upgrading Firmware
  • Shutting Down the Switch
  • Restarting the Switch
  • Setting Up PoE
  • Adding a VLAN
  • Adding Static Routes
  • Editing DNS
  • Setting Up QoS
  • Setting Up Users
  • Setting Up 802.1X Authentication
  • Daisy-Chaining Switches
  • Connecting Access Points
  • Modifying the MAC Address Table
  • Checking Port Statistics
• Configuring Switch Topologies
  • Configuring Basic Topologies
  • Connecting the Switch Management Port to a Firewall
  • Configuring a Common Uplink
  • Configuring a Dedicated Uplink
  • Configuring a Hybrid System with Common and Dedicated Uplinks
  • Configuring Isolated Links for Management and Data Uplinks
  • Configuring High Availability
    • Configuring HA and PortShields With Dedicated Uplinks
    • Configuring HA and PortShield With a Common Uplink
    • Configuring HA Using One Switch Management Port
    • Configuring HA Using Two Switch Management Ports
  • Configuring VLANs With Dedicated Uplinks
  • Configuring a Link to SonicWall Access Points
• SonicWall Support
  • About This Document

Configuring Basic Topologies

About Topologies

Basic topologies for an SWS12- or SWS14-series Switch include:

• Configuring a Common Uplink
• Configuring a Dedicated Uplink
• Configuring a Hybrid System with Common and Dedicated Uplinks
• Configuring Isolated Links for Management and Data Uplinks
• Configuring High Availability
• Configuring VLANs With Dedicated Uplinks
• Configuring a Link to SonicWall Access Points

About Links

A common link carries data and management traffic. Common links carry all PortShield traffic and all the PortShield groups.

A dedicated link can carry only one PortShield group, and that group must be portshielded to the dedicated port on the SonicWall firewall.

An isolated link can carry management traffic OR data traffic, but not both at the same time. Isolated links usually have separate connections between the firewall and the Switches for management traffic and data traffic.

About Uplink Interfaces

Uplink interfaces can be viewed as “trunk” ports set up to carry tagged/untagged traffic. When a Switch is added with firewall Uplink and Switch options, the port on the firewall configured as the firewall uplink and the port on the Switch configured as the Switch uplink are set up automatically to receive/send tagged traffic for all IDV VLANs. The IDV VLAN of the tagged traffic allows the firmware to derive the PortShield host interface for the traffic.

IDV — Interface Disambiguation via VLAN – The reconfiguring of ports, portshielded to firewall interfaces, on the Switch as access ports of the VLAN corresponding to the PortShield VLAN.

Criteria for Configuring an Uplink Interface

• The interface must be a physical interface; virtual interfaces are not allowed.
• The interface must connect a firewall and a Switch.
• The interface cannot be a PortShield host (some other firewall interface cannot be portshielded to it) or a PortShield group member (cannot be portshielded to another firewall interface).
• The interface cannot be a bridge primary or bridge secondary interface.
• The Switch side of the uplink interface cannot have any children (it cannot be a parent interface for children interfaces). The Firewall uplink interface can have child/ sub interfaces.