Powerconnect 3548 questions

TeK-FX

TeK-FX

Limp Gawd
Joined
Jul 16, 2005
Messages
503
I am new to managed switches and have a few questions regarding the Powerconnect 3548.

We are a small machining business and we recently acquired a new Wire EDM machine that has the ability to keep track of water quality, remaining wire, machine efficiency, etc via a web/mobile device interface. I did not want to put this on the same VLAN as our main network so I successfully created a new one. The few questions I have are:

There are 3 other VLANs currently setup with 10.255.10.1, 10.255.9.1 and 10.255.8.1 all using the firewall as the gateway. I would like to setup this new VLAN (10.255.7.1) to do the same. I just cannot seem to find the correct command for setting the gateway. I do have the MAC of the firewall device.

Once in the console I did :

Sw4_Prod_PoE# config
Sw4_Prod_PoE(config)# int vlan 40
Sw4_Prod_PoE(config-if)# ip address 10.255.7.1 18:B1:69:19:AE:68
% bad parameter value
Sw4_Prod_PoE(config-if)# ip address 10.255.7.1 255.255.255.0 18:B1:69:19:AE:68
% Wrong number of parameters or invalid range, size or characters entered
Sw4_Prod_PoE(config-if)#

Showing the ARP table only shows the following:


Sw4_Prod_PoE# show arp

ARP timeout: 60000 Seconds

VLAN Interface IP address HW address status
--------------------- --------------- ------------------- ---------------
vlan 20 g4 10.255.9.1 18:b1:69:19:ae:68 dynamic

Could I run something like:

arp 10.255.7.1 vlan 40 18:B1:69:19:AE:68

I was not sure if this would strip away the assignment to 10.255.9.1 and end up breaking things.


My next question after that is how do I restrict this VLAN from other VLANs on the network but still allow it unrestricted access to the internet?

I would greatly appreciate any help in getting this issue resolved. I have about 60 tabs open between 2 chrome windows trying to find the answers and thought I would seek some help here. I just started this morning working on this project and I have to have it done by Friday for when the equipment arrives.
 
The gateways are set on the DHCP scope - you don't define that on the switch. For this, are you tagging the traffic up to the firewall with sub-interfaces on the firewall?

You have two options and it depends on how you are doing it:
  1. You have a single interface that connects your switch to the firewall, and you are tagging the VLAN traffic as it goes up stream to the firewall which has sub-interfaces (virtual) interfaces that act as gateways on each of the VLANs
  2. You have access ports that connect directly upstream to a separate physical firewall interface that operates as the gateway for each of the VLANs
It's important to remember that the default gateway of the switch is completely different than the gateways you are using on each of the VLANs. You shouldn't be doing anything with MAC addresses, they have nothing to do with this.
 
Hi Cmustang87, thank you for your reply. It helped set me on a path of doing a bit more research about the equipment we currently use.

Since we have machines in separate buildings on separate switches I thought I should be tagging traffic to connect them to the node (on our main office building switch) that communicates with the manufacturers cloud platform.

I believe I figured out where I was getting stuck. I have done some more research and I have found that the Powerconnect 3548s we employ are L2 & L3-aware so inter-vlan routing is done on the Sonicwall appliance that is in use. So what I THINK I have to do next is configure the vlan on the firewall along with my ACLs.

Prior to my coming on board to this company they outsourced their IT work to a local MSP. Unfortunately in all the information that was handed to me I do not have credentials to access the firewall. I have reached out to them for this and hope to have it soon.
 
Pretty much what Cmustang87 said.

If what you say is correct in that your gateway is the SonicWALL, generally the .1 address of each of your /24 blocks assigned to a vlan is the gateway address. Meaning that you would not configure the switch with the .1 address which you were trying to attempt.. instead, you would add it to the SonicWALL. Which in turn, as Cmustang87 had mentioned, would be uplinked to your switches with a trunk interface with all vlans tagged or an access interface where each vlan has a dedicated interface from the SonicWALL. I would imagine it is trunked, but that is just speculation. If it is, the SonicWALL (sorry I haven't worked on Sonicwalls, only Cisco/PAN/Juniper), then the interface would look something like this int gi0/2.40 where the .40 is the vlan tag you are using.

On the switch side, all you would do is add the vlan.. not an actual interface, unless you wanted to manage the switches from that IP or have the switches do L3. And on your config, you would never put the mac address as part of the config line... that is just the output from the switch for the previous vlan. So you would just do: ip address 10.255.7.1 255.255.255.0
Not saying that you should do that unless you want the .1 address on that particular switch. Again, I don't really use Dell switches, but on Cisco, if you wanted to create a vlan, it would just be:
conf t
vlan 40
name VLAN40
no shut

And on your trunk interfaces, you would need to make sure vlan 40 is allowed.. you would need to do this on all switches between the switch you want to connect something to and the firewall.

Hope this helps.
 
I finally got everything figured out. Once I got access to the Sonicwall I was then able to add and configure an interface for the new VLAN. Then I was able to set static IPs on this new VLAN for the new devices. The company tested connection and it looks like it is all good! Thank you for the information and help.
 
TeK-FX said:
I finally got everything figured out. Once I got access to the Sonicwall I was then able to add and configure an interface for the new VLAN. Then I was able to set static IPs on this new VLAN for the new devices. The company tested connection and it looks like it is all good! Thank you for the information and help.
Click to expand...

Great job, glad you got it handled!
 
You must log in or register to reply here.
Back
Top