Configure one interface with 3 VLANs and another interface with only one of the VLANs.
I would like to configure a TZ400 in the following network:
VLAN1 - Office
VLAN 10 - Guests
VLAN 20 - VOIP
SWITCH1 - Has all three VLANS and a tagged port on the uplink
SWITCH 2 - Has only VLAN20 and does no tagging
On the TZ400 I want to connect the X0 interface to SWITCH1 and X2 to SWITCH2
I have configured virtual interfaces X0:V10 and X0:V20 and everything works with SWITCH1.
How do I configure X2 to tag the traffic as VLAN20 and "bridge" the traffic with X0:V20? If SWITCH2 would tag the traffic I could PORTSHIELD X2 to X0. I don't want to create a separate subnet for X2, just connect the VLAN20 on two interfaces without connecting all the VLANS on X0 as PORTSHIELD would.
Best Answer
Saravanan Moderator
Hi @RVICKER,
Thank you for visiting SonicWall Community.
My suggestion to achieve your setup is to use the "Native Bridge Mode" option. You could Native Bridge X2 with X0:V20.
Please try it and let us know if you have any questions.
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Answers
I was hoping that was the route. Just needed to reinforce the documents.
Hi @RVICKER,
Did the suggestion work for you?
Regards
Saravanan V
Technical Support Advisor - Premier Services
Professional Services
Hi @RVicker
As per the above suggestion from @Saravanan, please follow the below screenshot to configure the steps.
Trying to bring all this up I hit a snag with X0 and SWITCH1.
SWITCH1 is a Netgear managed switch. It is configured with a VLAN1 static IP. The three VLANs are set as "T" on port 1 and each VLAN set as "U" on their respective other ports.
When I connect a PC directly to X0 it is correctly assigned a VLAN1 IP and works. When I connect the PC with a static IP to the switch on port 1 or any port assigned as "U" for VLAN1 the PC connects to the switch. If I connect port 1 on the switch to X0, I cannot get them to communicate with each other.
I have used this same Netgear configuration with other routers.
I configured X2 to Portshield to X0 and attached an EnGenius access point that is configured to use VLAN1 and VLAN10 and it works completely as expected. Devices that connect to the AP as trusted get VLAN1 IPs and can communicate as configured. Devices that connect to the AP as Guest get VLAN20 IPs and can only communicate to the internet as expected.
Hi @RVicker,
You would have to use the VLAN tag ID on the switch port. For example, if your firewall's X2 is configured in native bridge mode with X0:V20, then you have to configure the switch port the same as below (I used a Linksys switch for the example).
Got it ALL working. The X0 versus switch issue was that, on the Netgear, for the trunk port to the SonicWall, VLAN1 has to be set as "U", not "T" like the other ports.
Ajishlal, you are right that the PVID has to match the VLAN on ports that only have the one VLAN. Netgear even stops you from removing the VLAN that matches the PVID. I had left out that I had all those set as I was sure that it was correct. It was just the "T" versus "U" for the uplink port on the primary VLAN.
Thanks everyone.
I never get a chance to use Netgear switches, so I don't have much idea about that product. Anyway, glad to hear that your issue got solved.
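
The "T" versus "U" and PVID behaviour discussed in this thread, as an added Python sketch that is not from any poster, SonicWall or Netgear. It assumes the X0 parent interface sends and expects untagged frames while X0:V10 and X0:V20 use tags 10 and 20, and that a switch port drops frames for VLANs it is not a member of; all class and function names are hypothetical.

```python
# Simplified 802.1Q port model (added illustration, not vendor code).
# membership maps VLAN id -> "T" (tagged on egress) or "U" (untagged on egress);
# the PVID classifies untagged frames on ingress.
DROP = "drop"

class Port:
    def __init__(self, membership, pvid):
        self.membership = membership
        self.pvid = pvid

    def ingress(self, tag):
        """VLAN a received frame lands in (tag None = untagged), or DROP."""
        vlan = self.pvid if tag is None else tag
        return vlan if vlan in self.membership else DROP

    def egress(self, vlan):
        """Tag put on the wire for this VLAN (None = untagged), or DROP."""
        mode = self.membership.get(vlan)
        if mode is None:
            return DROP
        return vlan if mode == "T" else None

# Assumption: what the firewall's X0 side sends/expects per network.
FIREWALL_TAG = {"office": None, "guests": 10, "voip": 20}
SWITCH_VLAN = {"office": 1, "guests": 10, "voip": 20}

def link_status(uplink):
    """Check both directions between the firewall and the switch uplink port."""
    status = {}
    for name, fw_tag in FIREWALL_TAG.items():
        vlan = SWITCH_VLAN[name]
        to_switch = uplink.ingress(fw_tag) == vlan
        to_firewall = uplink.egress(vlan) == fw_tag
        status[name] = to_switch and to_firewall
    return status

# Constructed port configurations mirroring the thread.
all_tagged_uplink = Port({1: "T", 10: "T", 20: "T"}, pvid=1)   # the snag
fixed_uplink = Port({1: "U", 10: "T", 20: "T"}, pvid=1)        # VLAN1 as "U"
voip_access = Port({20: "U"}, pvid=20)                         # PVID matches
voip_bad_pvid = Port({20: "U"}, pvid=1)                        # PVID mismatch

if __name__ == "__main__":
    print("all tagged:", link_status(all_tagged_uplink))
    print("VLAN1 as U:", link_status(fixed_uplink))
    print("untagged in, PVID 20:", voip_access.ingress(None))
    print("untagged in, PVID 1: ", voip_bad_pvid.ingress(None))
```

With every VLAN tagged on the uplink, only the office network fails, because the switch tags VLAN1 frames that the untagged parent interface does not expect.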