Solved

IBM Bladecenter Cisco Switch VLAN to SonicWALL

Posted on 2011-09-26
6
345 Views
Last Modified: 2012-08-13
Hello,
Need some help with a SonicWALL to Cisco switch module configuration.  The Cisco switch module is a 20-port switch module in an IBM Bladecenter.

Currently, the SonicWALL firewall has WAN X1 connected to the upstream provider.  It's IP address is 64.xx.xx.21.  LAN XO is IP 192.168.6.1 and connected to Cisco switch module port GigabitEthernet0/17.  The configuration of GE0/17 is as follows (it's the default config):

interface GigabitEthernet0/17
description extern1
switchport access vlan 2
switchport trunk native vlan 2

I have a server blade connected to GE0/2, and I would like to have it's traffic separated to a different VLAN.  I do have traffic on VLAN2 however from GE0/1 that is on the 192.168.6.x class and that needs to stay functional.  GE0/2 configuration is here (again, default):

interface GigabitEthernet0/2
description blade2
switchport access vlan 2
switchport trunk native vlan 2
switchport trunk allowed vlan 2-4094
switchport mode trunk
spanning-tree portfast trunk
spanning-tree bpdufilter enable

I can create a VLAN interface on the SonicWALL X0 Port and give it an IP address of 192.168.7.1, tagging packets as VLAN 3, but I cannot get the packets to flow over to GE0/2.  I would like all traffic going to/from GE0/2 to be VLAN 3.  How can I achieve this?
0
Comment
Question by:e2346437
  • 4
  • 2
6 Comments
 
LVL 33

Expert Comment

by:MikeKane
ID: 36602144
You need a device to route the packets.    Either a Router on a stick scenario, or (if this switch is capable) use the switch itself to route.  

IF you want to use the switch, Create the vlans and assign the switch an IP in each vlan,

interface vlan2
192.168.6.2

interface vlan3
192.168.7.1


and enable IP routing

ip routing



Devices on vlan 3 use 192.168.7.1 as the gateway, devices on vlan 2 use 192.168.6.2 as the gateway.   The switch must have a default route pointing out to the next hop gateway at 192.168.6.1


0
 

Author Comment

by:e2346437
ID: 36602205
The firewall should be capable of routing the packets, shouldn't it?
0
 

Author Comment

by:e2346437
ID: 36602248
"ip routing" is not a valid command on this switch.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 33

Expert Comment

by:MikeKane
ID: 36710015
Can you send the output of a SHOW VER.  

Oh and 1 thing I forgot.  You'd need to add a static route on the Sonicwall for destination 192.168.7.0/24 to 192.168.6.2.  


0
 

Accepted Solution

by:
e2346437 earned 0 total points
ID: 36906666
Fixed it myself.  Just had to change GE0/17 to switchport mode trunk.

0
 

Author Closing Comment

by:e2346437
ID: 36935304
No one else had the answer.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question