cembick
asked on
GS724TP and Sonicwall TZ215
Ok...I am about toast on this.....
TZ215
X2 wireless zone 192.168.3.1
X2:V1001 wireless zone 192.168.4.1 Private
X2:V1002 wireless zone 192.168.5.1 Public
Netgear GS724TP
Ports 1-8 VLAN 1001 Private
Ports 1-8 VLAN 1002 Public
Port 1 untagged (access port, trunk port)
Ports 2-8 tagged
PVID ports 1-8 1001
Can only see one SSID (Private 1001) when using POE switch...when using POE injectors I can see both SSID and get internet on both...it's like something isn't being passed from TZ215 to Netgear for Vlan ID 1002 ...i don't know what to do. Does anybody have a clue? I have tried configuration a number of ways to no avail...any help would be greatly appreciated. I really don't want to have to purchase POE injectors as I have this POE switch available...oh and I have VLAN 1003 on the POE switch for my ip phones and they are working fine...all ports 15-23 untagged....UGH!!!
Update:
If I untag all ports on the POE switch I can see both SSID but cannot get internet....and does anybody know why Dell does not recommend Netgear?
TZ215
X2 wireless zone 192.168.3.1
X2:V1001 wireless zone 192.168.4.1 Private
X2:V1002 wireless zone 192.168.5.1 Public
Netgear GS724TP
Ports 1-8 VLAN 1001 Private
Ports 1-8 VLAN 1002 Public
Port 1 untagged (access port, trunk port)
Ports 2-8 tagged
PVID ports 1-8 1001
Can only see one SSID (Private 1001) when using POE switch...when using POE injectors I can see both SSID and get internet on both...it's like something isn't being passed from TZ215 to Netgear for Vlan ID 1002 ...i don't know what to do. Does anybody have a clue? I have tried configuration a number of ways to no avail...any help would be greatly appreciated. I really don't want to have to purchase POE injectors as I have this POE switch available...oh and I have VLAN 1003 on the POE switch for my ip phones and they are working fine...all ports 15-23 untagged....UGH!!!
Update:
If I untag all ports on the POE switch I can see both SSID but cannot get internet....and does anybody know why Dell does not recommend Netgear?
Aaron Tomosky
Gotta tag your trunk port.
ASKER
Ok..on the sonic wall I have the VLANS
X2
X2:V1001
X2:V1002
Do i need to have these VLANS on the switch also? Or do I just need to TAG say port 1 for the trunk port and then untag ports 2-8 or tag all ports? I have been reading alot about this and I see some that have say
Create VLAN 10 for trunking and all ports tagged on the switch, plug X2 into port 1 and all ap's into other taggged ports and sonicwall will do the rest and then I see where you have to have the same VLANS on the switch as you do on the sonicwall..I have tried so many configurations it has made my head spin.
X2
X2:V1001
X2:V1002
Do i need to have these VLANS on the switch also? Or do I just need to TAG say port 1 for the trunk port and then untag ports 2-8 or tag all ports? I have been reading alot about this and I see some that have say
Create VLAN 10 for trunking and all ports tagged on the switch, plug X2 into port 1 and all ap's into other taggged ports and sonicwall will do the rest and then I see where you have to have the same VLANS on the switch as you do on the sonicwall..I have tried so many configurations it has made my head spin.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Aaron,
If I have VLAN Sub interfaces set up on X2 port at the TZ215 as V1001 and V1002 and then the same VLANS 1001 and 1002 with member ports 1-8 setup on the switch....would that be redundant? Wouldn't the TZ215 assume this as a tag? I am going to try your setup as follows:
Sonciwall
X2 port goes to switch port 1 switch port 1 is a member of VLAN 1001 and 1002 and this would be tagged at the switch. Ports 1-8 are members of VLAN 1001 and 1002 and are all tagged and belong to PVID 1001.
Sub-interface X2:V1001
Sub-interface X2:V1002
Sorry, I am no novice but certainly not an expert either.
If I have VLAN Sub interfaces set up on X2 port at the TZ215 as V1001 and V1002 and then the same VLANS 1001 and 1002 with member ports 1-8 setup on the switch....would that be redundant? Wouldn't the TZ215 assume this as a tag? I am going to try your setup as follows:
Sonciwall
X2 port goes to switch port 1 switch port 1 is a member of VLAN 1001 and 1002 and this would be tagged at the switch. Ports 1-8 are members of VLAN 1001 and 1002 and are all tagged and belong to PVID 1001.
Sub-interface X2:V1001
Sub-interface X2:V1002
Sorry, I am no novice but certainly not an expert either.
Does your equipment understand vlan tags? Usually you would do something like this:
port 1 -> x2 sonicwall tagged 1001, tagged 1002
port 2-4 untagged 1001 (anything plugged into these are 1001) pvid 1001
port 5-7 untagged 1002 (anything plugged into these are 1002) pvid 1002
port 8 vlan1 or whatever your management vlan on the switch is so you don't get locked out
port 1 -> x2 sonicwall tagged 1001, tagged 1002
port 2-4 untagged 1001 (anything plugged into these are 1001) pvid 1001
port 5-7 untagged 1002 (anything plugged into these are 1002) pvid 1002
port 8 vlan1 or whatever your management vlan on the switch is so you don't get locked out
ASKER
Yes it does understand VLAN tags.Netgear GS724TP..L2 smartswitch..maybe my problem is that I have say
1 AP that has 2 SSIDS on the sonicwall......hence the V1001 and V1002 sub interfaces
V1001 is private
V1002 is public
X2 to port 1 switch
AP to port 2 switch
Port 1 and 2 are members of VLAN 1001 and 1002 on switch....is this not possible since sonicwall sees V1001 and V1002 on X2 or does it have to be an L3 switch for routing across VLANS like this?
1 AP that has 2 SSIDS on the sonicwall......hence the V1001 and V1002 sub interfaces
V1001 is private
V1002 is public
X2 to port 1 switch
AP to port 2 switch
Port 1 and 2 are members of VLAN 1001 and 1002 on switch....is this not possible since sonicwall sees V1001 and V1002 on X2 or does it have to be an L3 switch for routing across VLANS like this?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.