5 Replies Latest reply on Feb 18, 2013 2:28 PM by levi

    1335 Configuration Review

    alanf New Member

      Hi,

       

      I have been tasked with making some changes to our network and would like to have someone review my proposed configuration for a Netvanta 1335 to ensure I have the configuration setup correctly.

      The changes that I will be making to the configuration will consist of...

      1.  Create a new VLAN for setting up a Sonicwall NSA for high availability.  (currently we have just a single port assigned to the firewall)   I am proposing the new VLAN be called VLAN 100 - Internet.

           (the way I understand, we will have the a single inbound connection from the DSL modem, that will run into Port 23 (VLAN100), that will then be sent back to the two Sonicwall NSA Devices (Ports 22 & 21) Still under VLAN 100, then the Sonicwall's will come back into the 192 Data VLAN (Ports 20 & 19).

      (And maybe I'm making this more complex than it needs to be)

      2.  Create a Guest Vlan  that will assign a DHCP address in the 172.168.2.x range.     Plug the guest switch into port 9.  For the Guest VLAN the only access it will have is to browse out to the internet.

       

       

       

       

      Our current VLANS are   1 - Default, 10 - VOIP and 192 - Data

      Our Current DHCP scope is for VOIP on the 10.10.2.x address.

       

      Thanks.

        • Re: 1335 Configuration Review
          Employee

          alanf - Thanks for posting on the forum! We would be more than happy to review your configuration. You can reply to this post with the configuration, but please remember to edit out any information that is sensitive to your network.

           

          One thing that may be an issue is your plan to have the Sonicwall NSAs connect to the same switch on their WAN and LAN interfaces. NetVanta switches do not support STP (spanning-tree protocol) on a per-VLAN basis. Therefore, the setup you propose will most likely cause a switching loop, resulting in network connectivity issues. To get around this problem, it would be best to physically separate the switches you are connecting the WAN VLAN to and LAN VLANs to.

           

          Please do not hesitate to let us know if you have any further questions.

           

          Thanks,

          Noor

            • Re: 1335 Configuration Review
              alanf New Member

              Noor,

               

              Thanks for the review and comments.

               

              Do I configure the WAN VLANS  on the 1335 and then connect the lan sides of the Sonicwalls to a different switch( like one of our 1224 or 1234 Layer 2 switches?)

               

              Or, what is the best way to connect and configure the Sonicwall's for High Availability?

                • Re: 1335 Configuration Review
                  Employee

                  alanf - I cannot comment on the best way to configure the Sonicwalls for High Availability. In your case, you simply want to have the WAN and LAN on different switching domains to prevent any switching loops. For the WAN switch, you simply need a layer 2 device so a 1224 or 1234 will do. The benefit of having the 1335 act as your LAN switch is that it will be able to do inter-VLAN routing if necessary.

                   

                  Let us know if you have any further questions.

                   

                  Thanks,

                  Noor

                  1 of 1 people found this helpful
                    • Re: 1335 Configuration Review
                      Employee

                      alanf -

                      I went ahead and flagged this post as “Assumed Answered.”  If any of the responses on this thread assisted you, please mark them as either Correct or Helpful answers with the applicable buttons.  This will make them visible and help other members of the community find solutions more easily.  If you still need assistance, I would be more than happy to continue working with you on this - just let me know in a reply.


                      Thanks,

                      Noor

                • Re: 1335 Configuration Review
                  levi Employee

                  alanf:

                   

                  I went ahead and flagged the "Correct Answer" on this post to make it more visible and help other members of the community find solutions more easily. If you don't feel like the answer I marked was correct, feel free to come back to this post and unmark it and select another in its place with the applicable buttons.  If you still need assistance, we would be more than happy to continue working with you on this - just let us know in a reply.

                   

                  Thanks,

                   

                  Levi