Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

How to setup TZ470 for dual redundant switch input

TZ470 X3 is shown setup as port shield to X0 so both are the same Private LAN network

Switch Prv1 is connected to X0, and Switch Prv2 is connected to X3.

If we also connect Switch Prv1 to Switch Prv2 there will be a data loop.

How do I setup the SonicWall TZ470 to allow this functionality? Please detail.

This will correct for a single TZ470 port Failure. Yes, we have had one.

This will also allow workstation traffic to flow directly between Prv1 and Prv2 without passing thru SonicWall.

Server is on switch Prv1.

Thanks

Category: Mid Range Firewalls
Reply

Answers

  • ArkwrightArkwright Community Legend ✭✭✭✭✭

    There are no settings for Spanning Tree in SonicOS for Portshield. So it's either on by default, or not implemented. Either way, you can't configure it.

  • JackBurtonJackBurton Newbie ✭

    You could try creating another port shield group for X3. Then create a Deny rule of X3 to X0. If you ever plugged in anything else to one of the other ports you may need to create another Deny rule.

  • ItsIsOnlyMeItsIsOnlyMe Newbie ✭

    According to the diagram two independent edge switches are connect to the SonicWall. I highly doubt they would support MCLAG. Best use case is to configure a redundant port for X0 (goto interface X0 → Advanced → Select X3 for port redundancy).

    The sonicwall will failover to X3 in case X0 goes down (physically). There is no logical testing (LACP). LACP requires a NSA.

  • A_ElliottA_Elliott Enthusiast ✭✭
    edited April 17

    Go to your X0 interface and set it up:

    You'll still need a connection between your switches, as Ubiquiti doesn't support MLAG, and I don't think the TZs do either.

  • MarkDMarkD Cybersecurity Overlord ✭✭✭

    enable spanning tree on the switches!

Sign In or Register to comment.