• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• About Switch Network
  • Before Adding a Switch
  • Enabling the Switch
  • Setting Up Ports
  • Checking Switch Details
• Managing from a Firewall
  • Adding a Switch to a Firewall with Zero-Touch
  • Adding a Switch to a Firewall Manually
  • Changing the Switch Configuration
  • Upgrading Firmware
  • Shutting Down the Switch
  • Restarting the Switch
  • Setting Up PoE
  • Adding a VLAN
  • Adding Static Routes
  • Editing DNS
  • Setting Up QoS
  • Setting Up Users
  • Setting Up 802.1X Authentication
  • Daisy-Chaining Switches
  • Connecting Access Points
  • Modifying the MAC Address Table
  • Checking Port Statistics
• Configuring Switch Topologies
  • Configuring Basic Topologies
  • Connecting the Switch Management Port to a Firewall
  • Configuring a Common Uplink
  • Configuring a Dedicated Uplink
  • Configuring a Hybrid System with Common and Dedicated Uplinks
  • Configuring Isolated Links for Management and Data Uplinks
  • Configuring High Availability
    • Configuring HA and PortShields With Dedicated Uplinks
    • Configuring HA and PortShield With a Common Uplink
    • Configuring HA Using One Switch Management Port
    • Configuring HA Using Two Switch Management Ports
  • Configuring VLANs With Dedicated Uplinks
  • Configuring a Link to SonicWall Access Points
• SonicWall Support
  • About This Document

Configuring a Dedicated Uplink

This configuration allows a given link between the firewall and the Switch to be designated as the dedicated uplink set up to carry PortShield traffic corresponding to the connected firewall interface. The firewall and Switch ports are configured in trunk mode for the VLAN corresponding to the PortShield VLAN of the firewall interface.

This configuration can be used in deployments where a dedicated 1G link is needed for a particular firewall interface. Cases where this configuration is necessary:

• VLANs are used; for example, another Switch behind the Switch.
• There is a large volume of traffic and there needs to be a separate uplink for this traffic.

The risk associated with such a configuration is using up interfaces on the firewall fairly soon.

In this example, there is no common uplink to carry the PortShield traffic for the rest of the firewall interfaces (excluding X0 and X5 for which dedicated links are set up).

For dedicated uplinks to work, the physical link must be connected before being configured.

The diagram, Dedicated Uplink Topology, shows a dedicated uplink setup of a firewall with a Switch. There are two dedicated uplinks in this scenario:

• The uplink between X3 on the firewall and port 1 on the SonicWall Switch is used to manage the Switch. In this configuration, X3 is configured in the same subnet as the IP of the Switch.

• In addition, there are two dedicated uplinks:

  • The uplink between X0 on the firewall and port 11 on the Switch is a dedicated link to carry all PortShield traffic for X0.
  • The uplink between X5 on the firewall and port 7 on the Switch is a dedicated link to carry all PortShield traffic for X5.

You can configure a dedicated uplink with or without setting up the common uplink to carry all PortShield traffic for the different firewall interfaces. In both cases, the common uplink is used to manage the Switch.

To configure a dedicated uplink topology without an common uplink

1. Set up the Switch as described in Adding a Switch to a Firewall Manually.
2. To set up a link as a dedicated uplink without management traffic, in the Add Switch dialog box set Firewall Uplink and Switch Uplink to None.
3. In the DEVICE | Switch Network > Overview > Physical View or List View, enable the Switch port for the dedicated link.

4. Once the Switch port is enabled, go to Switch Port Settings as described in Setting Up Ports. Set portshields to support dedicated uplinks. In this example, port 7 is portshielded to X5.