How do I create an additional VLAN on Dell 5548p and assign ports?

wRx7M
wRx7M used Ask the Experts™
on
Hello,

I would say I am an intermediate in networking, but I can't figure out how to perform the following. Specific instructions on how to accomplish this would be greatly appreciated.

Background:
Currently, I have WiFi APs that are powered by regular AC power and are connected via CAT5E to a 5-port unmanaged switch, which is uplinked to a SonicWALL, then to the internet. This separates all WiFi traffic from our main network. If the people using WiFi need access to our main network, they need to connect to the VPN first.

Equipment:
Dell PowerConnect 5548P Gb Switch
SonicWALL TZ200 Firewall
Various WiFi APs

Problem:
I have several new WiFi APs that I need to have connected to a POE switch that will need to be logically, completely separate from the existing network (default VLAN1) and will be up-linked to a port on the SonicWALL that will then route to the internet. Basically, I just want to segregate ports to make their own separate switch to get the benefit of the POE.

I am thinking that it should be setup like this:
Default VLAN1: Ports 1-42
WiFi VLAN2: Ports 43-48
Where VLAN1 and VLAN2 are completely isolated from each other.
Ports 43-47 are connected to WiFi APs
Port 48 is connected to the SonicWALL.

Anyone care to weigh-in on how to accomplish this? I have tried the 5548p web interface but it is surprisingly confusing. The best the help link can do is just restate the terms and not actually tell me how to do it. The manual is marginally better.
Thanks!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Rick HobbsRETIRED
Top Expert 2006

Commented:
This should help.
Rick HobbsRETIRED
Top Expert 2006

Commented:

Author

Commented:
I will see if I can modify the 2 switch scenario to make it a single switch. Thank you.
Will the 5-port still be in use or is the PoE switch going to replace it as well?

Author

Commented:
The 5 port is going to be replaced by this VLAN solution.
Try this:

vlan database
vlan 2
exit

int vlan 2
name WiFi
exit

int range g(43-47)
switchport mode access
switchport access vlan 2
switchport forbidden vlan 1
exit

int g48
description Sonicwall
power inline never
exit

Open in new window


If the Sonicwall port needs to be visible to both VLANS:
int g48
switchport mode trunk
switchport trunk allowed vlan add 2
exit

Open in new window


If the Sonicwall needs to be on the segregated VLAN 2:
int g48
switchport mode access
switchport access vlan 2
switchport forbidden vlan 1
exit

Open in new window

Author

Commented:
dbright:

I got hung up at int range g because that syntax did not work so I decided to move to individual ports and then got caught at switchport forbidden. It is not a valid option...

I get the following options to use with switchport:
access
community
customer
general
mode
private-vlan
protected-port
trunk
<CR>

I appreciate any help. Thanks.
sorry, I was looking at a 3000 series - the interface syntax on the 5000 series is

interface range gi1/0/43-47 and gi1/0/48 respectively

you do not need the switchport forbidden lines

Author

Commented:
Trying now... Thank you.

Author

Commented:
Dell5548P-ServerRoom>
Dell5548P-ServerRoom> en
Dell5548P-ServerRoom# config t
Dell5548P-ServerRoom(config)# int vlan 2
Dell5548P-ServerRoom(config-if)# int range gi1/0/43-47
Dell5548P-ServerRoom(config-if-range)# switchport mode access
Dell5548P-ServerRoom(config-if-range)# switchport access vlan 2
Dell5548P-ServerRoom(config-if-range)# exit
Dell5548P-ServerRoom(config)# int gi01/0/48
Dell5548P-ServerRoom(config-if)# description SonicWALL
Dell5548P-ServerRoom(config-if)# power inline never
Dell5548P-ServerRoom(config-if)# exit
Dell5548P-ServerRoom(config)# exit
Dell5548P-ServerRoom# copy run start

Open in new window


This is what the start to finish ended up looking like. I have yet to fully test it, as I have multiple users connected to the WAPs (during business hours).

So far:
I verified that I could get a DHCP address using an IP phone on VLAN 1 and was able to get to the phone server, which is on another switch.

I plugged the same phone into port 46 and was unable to get a DHCP address, which is exactly what I wanted because I have yet to connect the SonicWALL (will be DHCP for VLAN 2) to port 48.

I will have to connect the WAPs and SonicWALL to VLAN 2 after hours and test connectivity and functionality to confirm everything is configured correctly.

Commented:
After some minor modifications, I was able to get it to work.

Initially, I hadn't added the 48th port (as part of the range) to the second vlan so I did that and it works perfectly.

This is how a collection of the commands that I used to accomplish this and should be start to finish.

Dell5548P-ServerRoom> en
Dell5548P-ServerRoom# conf t
Dell5548P-ServerRoom(config)#
Dell5548P-ServerRoom(config)# vlan database
Dell5548P-ServerRoom(config-vlan)# vlan 2
Dell5548P-ServerRoom(config)#
Dell5548P-ServerRoom(config-vlan)# exit
Dell5548P-ServerRoom(config)# int vlan 2
Dell5548P-ServerRoom(config-if)# name WiFi
Dell5548P-ServerRoom(config-if)# exit
Dell5548P-ServerRoom(config)# int vlan 2
Dell5548P-ServerRoom(config-if)# int range gi1/0/43-48
Dell5548P-ServerRoom(config-if-range)# switchport mode access
Dell5548P-ServerRoom(config-if-range)# switchport access vlan 2
Dell5548P-ServerRoom(config-if-range)# exit
Dell5548P-ServerRoom(config)# int gi01/0/48
Dell5548P-ServerRoom(config-if)# description SonicWALL
Dell5548P-ServerRoom(config-if)# power inline never
Dell5548P-ServerRoom(config-if)# exit
Dell5548P-ServerRoom(config)# exit
Dell5548P-ServerRoom# copy run start

Open in new window

Author

Commented:
After some very minor tweaking, the solution was what I needed. Thanks.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial