• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• About Switch Network
  • Before Adding a Switch
  • Enabling the Switch
  • Setting Up Ports
  • Checking Switch Details
• Managing from a Firewall
  • Adding a Switch to a Firewall with Zero-Touch
  • Adding a Switch to a Firewall Manually
  • Changing the Switch Configuration
  • Upgrading Firmware
  • Shutting Down the Switch
  • Restarting the Switch
  • Setting Up PoE
  • Adding a VLAN
  • Adding Static Routes
  • Editing DNS
  • Setting Up QoS
  • Setting Up Users
  • Setting Up 802.1X Authentication
  • Daisy-Chaining Switches
  • Connecting Access Points
  • Modifying the MAC Address Table
  • Checking Port Statistics
• Configuring Switch Topologies
  • Configuring Basic Topologies
  • Connecting the Switch Management Port to a Firewall
  • Configuring a Common Uplink
  • Configuring a Dedicated Uplink
  • Configuring a Hybrid System with Common and Dedicated Uplinks
  • Configuring Isolated Links for Management and Data Uplinks
  • Configuring High Availability
    • Configuring HA and PortShields With Dedicated Uplinks
    • Configuring HA and PortShield With a Common Uplink
    • Configuring HA Using One Switch Management Port
    • Configuring HA Using Two Switch Management Ports
  • Configuring VLANs With Dedicated Uplinks
  • Configuring a Link to SonicWall Access Points
• SonicWall Support
  • About This Document

Configuring Isolated Links for Management and Data Uplinks

This configuration allows separate links between the firewall and Switches to carry management traffic and data traffic. With a common link, the management traffic and data traffic run in the same uplink. If data traffic is congested, so is management traffic, which results in a delay in forwarding management traffic. If data traffic is congested, consider configuring separate links for management traffic and data traffic. Although similar to a common link configuration, the isolated management/data configuration runs separate uplinks for management traffic and data traffic. This configuration ensures that even with a high amount of data traffic, management traffic to the Switch is forwarded without being delayed.

The management port cannot be portshielded.

Isolated Link Topology shows an isolated link setup of a firewall with a Switch:

• The link between X2 on the firewall and port 1 on the Switch carries management traffic to the Switch. In such a configuration, X2 is configured in the same subnet as the IP of the SonicWall Switch.

  When the Switch is configured with Isolated uplink the switch IP should be configured at a Static IP address.

• The link between X3 on the firewall and port 2 on the Switch is the uplink set up to carry all data traffic except managment traffic.
• The switch interfaces cannot be portshielded to X3 directly, but can be portshielded to VLAN interfaces on X3.
• Port 1 is configured as the Switch management port.
• Port 2 of the switch acts as a data uplink.

• Port 3 of the switch can be portshielded to one of the VLAN interfaces on X3.

  To change the Reserved VLAN range on the firewall, do so before adding the SonicWall Switch. If the Reserved VLAN range changes after connecting the Switch, then the Switch must be removed and re-added.

To set up isolated links for management and data traffic

1. Connect Switch port 1 to X2 of the firewall which is configured in same subnet as the Management IP address of the Switch.
2. Connect Switch port 2 to X3 of the firewall.
3. Navigate to DEVICE | Switch Network > Overview > List View and click on the Add Switch button.

4. When a dialog box appears, enter the data requested and the following settings:

   • Switch Management = 1
   • Firewall Uplink = X3
   • Switch Uplink = 2
     
5. When complete with configuration click on ADD.