Solved

Sonicpoint N 2 SSID setup on Dell Powerconnect 6224

Posted on 2011-09-09
10
1,672 Views
Last Modified: 2012-05-12
I have a Sonicwall TZ-210 Wireless n setup for sonicpoints.
X6 is configured for dual SSID with VLAN 100 and 200 (100 public, 200 Private)
Sonicpoints work great when directly connect to the Sonicwall.
I am using PowerConnect 6224 here is my configuration:
console#show running-config
!Current Configuration:
!System Description "Dell PowerConnect"
!System Software Version 1.0.0.27
!
configure
vlan database
vlan 10,100,200
exit
stack
member 1 2
exit
ip address 192.168.1.25 255.255.255.0
interface vlan 10
name "Sonicwall VLAN"
exit
interface vlan 100
name "ChurchPublic"
exit
interface vlan 200
name "ChurchPrivate"
exit
username "admin" password level 15 encrypted
!
interface ethernet 1/g39
description 'Connect to Sonicwall Port'
exit
!
interface ethernet 1/g41
no negotiation
description 'AP in Hallway'
spanning-tree cost 20000
spanning-tree portfast
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10 untagged
switchport general allowed vlan add 100 untagged
switchport general allowed vlan add 200 untagged
switchport general allowed vlan remove 1
exit
!

interface ethernet 1/g42
descripttion Not in use at the moment
switchport mode trunk
switchport trunk allowed vlan remove 1
exit
!
interface ethernet 1/g43
description 'Sonicwall Wireless (6X) connection'
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10 untagged
switchport general allowed vlan add 100 untagged
switchport general allowed vlan add 200 untagged
switchport general allowed vlan remove 1
exit
!
interface ethernet 1/g48
description 'Goes to CLC'
switchport mode trunk
switchport trunk allowed vlan add 10
switchport trunk allowed vlan add 100
switchport trunk allowed vlan add 200

exit
exit

I can see the SSID when connected to the powerconnect, however I am not able to receive a DHCP address or when assigned IP manually on a laptop fails as well.
I am missing something in my configuration, please let me know what.
Thank you for your time.
0
Comment
Question by:IDSNET
  • 5
  • 3
  • 2
10 Comments
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 36510751
Excuse me if you have already done this but it's not clear in the description: sonicwall tz doesn't do vlans. So you need to have a cable from sonicwall to the switch for each vlan you want to have rules for in the sonicwall. Each cable only let's one vlan into the sonicwall.
0
 
LVL 33

Expert Comment

by:digitap
ID: 36510979
Um, the TZ-210 does do VLANs. It sounds like the switch isn't configured properly to handle the VLAN traffic. Make sure the ports on the switch that the SP and the SW are connected to are tagged members of your VLANs (100 and 200). Did you create the additional VLANs on the Interface of the SW or did you add just one?
0
 
LVL 38

Expert Comment

by:Aaron Tomosky
ID: 36511207
My bad, they added it in 5.8 this year.
http://www.sonicwall.com/app/projects/file_downloader/document_lib.php?t=RN&id=2&dl=1

I'm runnin an older version. Any chance you are too?
0
 

Author Comment

by:IDSNET
ID: 36511266
Thank you digitap, from the configuration above, I do have two vlans create 100 and 200, both are assigned on port 43 (coming from Sonicwall x6) and 41 (going to Sonicpoint N) Port 48 is trunk to another switch in a different building. With Powerconnect I am confused about tagged and untagged.

interface ethernet 1/g41
no negotiation
description 'AP in Hallway'
spanning-tree cost 20000
spanning-tree portfast
switchport mode general
switchport general pvid 10
no switchport general acceptable-frame-type tagged-only
switchport general allowed vlan add 10 untagged
switchport general allowed vlan add 100 untagged
switchport general allowed vlan add 200 untagged
switchport general allowed vlan remove 1
exit

Should the ports be general?  Should the vlan add 100 be tagged or untagged?
switchport general pvid what should that be set at? If i set it at 100 , sonicwall sets it up as x6:100 and not X6(WLAN).  Sonicwall support was of little support, and the customer does not have pro support on Dell switches.
0
 
LVL 33

Expert Comment

by:digitap
ID: 36511480
I'd have to fudge my way through the Dell config as I don't have experience with them. Re the SW, how did you setup the public and private wireless networks? Did you use these instructions?

Corp - http://bit.ly/ofjMBb
Guest - http://bit.ly/pfiJUX

I suppose if the SW isn't configured properly from this perspective, then traffic won't flow right.

Re your Dell switch, you should have the ports the SW and SP devices connect to as ONLY tagged members of the VLANs you created on the SW. You should drop all other VLANs from those ports.

0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:IDSNET
ID: 36517671
Yes, I had it that way, without vlan 10. But the sp still failed trying to connect via wireless, sw to sp seems to be working.
0
 
LVL 33

Expert Comment

by:digitap
ID: 36517690
Consider this:

"...you have to put the Port Mode to General, and then Frame Type to Admit All. You can then set the PVID (which is ignored) and then set one VLAN as untagged and further VLANs as tagged."

I don't know if that makes sense to you. I don't have a Dell interface so I can't poke around to make sense of it. I found this here:

http://wiki.xdroop.com/space/dell/power+connect+6224/vlan+configuration
0
 
LVL 33

Accepted Solution

by:
digitap earned 500 total points
ID: 36517698
Also, consider this:

"Update: Finally realized what the problem was, and it was indeed an issue with the switch. Apparently "general" mode on Dell switch ports, though quite similar to the "trunk" mode on Cisco switches, actually strips the VLAN tags on outgoing packets by default. The solution was to add an extra "tagged" parameter onto the "allowed vlan" directive for the SonicPoint ports. Suddenly everything worked!"

https://forum.sonicwall.com/showthread.php?t=24055&highlight=powerconnect
0
 

Author Closing Comment

by:IDSNET
ID: 36526077
I changed the ports (both SP and the SW)
From:
switchport general allowed vlan add 100 untagged
switchport general allowed vlan add 200 untagged
 to:
switchport general allowed vlan add 100 TAGGED
switchport general allowed vlan add 200 TAGGED

Works like a champ!  Thank you for your time and help!
0
 
LVL 33

Expert Comment

by:digitap
ID: 36526103
No problem. Glad I could help and thanks for the points!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco Sup720 Migrate to Sup2T 5 55
gns3 - switchport trunk allow vlan error 4 48
ASR920 switching 2 26
Content Filtering by Search Term with a Smoothwall Firewall 1 87
In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
I recently had the displeasure of buying a new firewall at one of the buildings I play Sys Admin at. I had to get a better firewall than the cheap one that I had there since I was reconnecting the main office to the satellite office via point-to-poi…
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…
A company’s greatest vulnerability is their email. CEO fraud, ransomware and spear phishing attacks are the no1 threat to a company’s security. Cybercrime is responsible for the largest loss of money to companies today with losses projected to r…

919 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now