Any Dell Switch Experts?

marley1 · Aug 2, 2012

Learned it, all seems to be working with the laptops i got configured.

All can access all, which is what was needed.

Now need to get the Zyxel working but think that is simple if i remember correctly.

Thanks all for the help.

Glad i have a cars worth of networking equipment on my desk.

Will post pictures tomorrow, racking all this and battery backups and Ruckus!

marley1 · Aug 3, 2012

bah something not right still, anyone around?

RocketTech · Aug 3, 2012

What've you got?

marley1 · Aug 3, 2012

Going to another job now, you got aim of something?

RocketTech · Aug 3, 2012

gimme a minute and then skype me- info-rockettech

marley1 · Aug 3, 2012

Won't r back or a little ill pm you when back

marley1 · Aug 3, 2012

do you have anything other then skype?

tangoseal · Aug 3, 2012

Oh i love my 3750e layer 3. It can switch between vlans at full gig speeds at only 3-6% cpy usage. My 1921 router falls on its face when doibg heavy intervlan routing. So ibwould always recommend a l3 switch for vlan routing.

Aorry for typo using galaxy s3

RocketTech · Aug 3, 2012

Lync Messenger

marley1 · Aug 3, 2012

rocket im on skype

marley1 · Aug 3, 2012

Had another dell tech help me. Think we got the switch section down. Think I need to change the interface ip.

Still working on firewall.

What I don't get is in the switch I create vlan 2 gave it up 192.168.10.1 , creted vlan 3 gave it 192.168.11.1 and created vlan 9 for the firewall as 192.168.9.2

In the firewall I create vlan1 and it asks for an ip so I put in 192.168.10.1 figuring it will send traffic to the switch but they firewall company is saying no.

So not sure

/usr/home · Aug 3, 2012

Why did you create a VLAN on the firewall? You don't need to. Leave it as it was. Route all unknown traffic from the L3 switch to the firewall. You will need to add static routes to 10.0 /24 and 11.0/24 on the firewall though so it knows how to get back to those hosts.

Basically route 0.0.0.0 0.0.0.0 192.168.9.1 on the switch and route 192.168.10.0 255.255.255.0 192.168.9.2 and 192.168.11.0 255.255.255.0 192.168.1.9.2 on the firewall/router.

Also on the other switches, make VLAN99 the management VLAN. Then assign the switches IPs in the 192.168.9.0 /24 range. Then you can manage them by just going to their IP.

fluidimagery · Aug 3, 2012

I think what has us confused at this point is the firewall and what IPs get assigned to what, and the flow of traffic etc.

In the end, we want the 6224 to handle the bulk of the vlan routing, the Zyxel Firewall will be handling the DHCP for now until we get the server in on both the 10.0 and 11.0 networks and the gateway out to the internet. On the phone we seem to be getting conflicting advice between Dell and Zyxel, or we're just misunderstanding.

The gateway of the subnets need to end up with 192.168.10.1 and 192.168.11.1. The Zyxel needs to have addresses assigned for the VLANs you create for each interface. So does the 10.1 and 11.1 get pointed to the Dell 6224 or the Zyxel?

Currently the 6224 is VLAN1 - 192.168.9.2, VLAN2 - 192.168.10.1 and VLAN3 - 192.168.11.1.

Zyxel LAN1 interface IP is 192.168.9.1

Should we make the VLAN2 192.168.10.2 and VLAN3 192.168.11.2 on the Zyxel VLAN IP?

Then do we need to send the Route in the 6224 to 192.168.9.1 tagged vlan2 and 3?

/usr/home · Aug 4, 2012

So you can create multiple VLANs on Zyxel? You may need to trunk the port going to the router or, if you can assign different VLANs to different interfaces on the router, you could then have three connections to the router, one for each VLAN. I'm not at all familiar with Zyxel.

Why don't you have the dell l3 switch do the DHCP for now? It'll make it a heck of a lot easier, you won't need to dick with VLANs on the Zyxel.

If the Zyxel can support "trunks" going to it, then yes that setup that you have should work. What model is it? Are each of the interfaces seperate or are they on an internal switch?

dashpuppy · Aug 4, 2012

/usr/home said:
So you can create multiple VLANs on Zyxel? You may need to trunk the port going to the router or, if you can assign different VLANs to different interfaces on the router, you could then have three connections to the router, one for each VLAN. I'm not at all familiar with Zyxel.

Why don't you have the dell l3 switch do the DHCP for now? It'll make it a heck of a lot easier, you won't need to dick with VLANs on the Zyxel.

If the Zyxel can support "trunks" going to it, then yes that setup that you have should work. What model is it? Are each of the interfaces seperate or are they on an internal switch?

I think he's missing a few steps, if the Zyxel is like the Sonicwall, the default zone is the default vlan. ie managed parts of the switch. I got stuck on this part too until i did some digging.

When i created vlans i had 3, technically i had 4 because the first subnet was a vlan.

Just putting this out there too, if you are transferring ANY amounts of data across those vlans, you are going to want to kill your self.

/usr/home · Aug 4, 2012

dashpuppy said:
I think he's missing a few steps, if the Zyxel is like the Sonicwall, the default zone is the default vlan. ie managed parts of the switch. I got stuck on this part too until i did some digging.

When i created vlans i had 3, technically i had 4 because the first subnet was a vlan.

Just putting this out there too, if you are transferring ANY amounts of data across those vlans, you are going to want to kill your self.

Well the routing will be done on the Layer3 Switch so it should be port speed. I'm thinking they want to have the Zyxel do DHCP for all the VLANs. A much easier and simpler way without headaches is to have the switch do DHCP as well.

I have this exact same setup here on my home lab just for you guys

. It's all Cisco, but it works great. My L3 switch is doing the VLAN routing and the DHCP for each VLAN. Any requests outside the network go out on a different subnet to my router doing NAT.

l3thal6 · Aug 4, 2012

/usr/home said:
Well the routing will be done on the Layer3 Switch so it should be port speed. I'm thinking they want to have the Zyxel do DHCP for all the VLANs. A much easier and simpler way without headaches is to have the switch do DHCP as well.

I have this exact same setup here on my home lab just for you guys . It's all Cisco, but it works great. My L3 switch is doing the VLAN routing and the DHCP for each VLAN. Any requests outside the network go out on a different subnet to my router doing NAT.

Me too pretty much, I have two redundant core/distro switches running HSRP, seperate VLANs for my VMware lab, External web site, Users, Storage, etc.

marley1 · Aug 4, 2012

I'll post config of the switches and screen shots of the zyxel when I head out this morning.

marley1 · Aug 4, 2012

Okay here is the 6224

running-config E `
!Current Configuration:
!System Description "PowerConnect 6224, 3.3.4.1, VxWorks 6.5"
!System Software Version 3.3.4.1
!Cut-through mode is configured as disabled
!
configure
vlan database
vlan 2-3,9
vlan routing 9 1
vlan routing 2 2
vlan routing 3 3
exit
stack
member 1 1
exit
ip address 192.168.20.50 255.255.255.0
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.9.1
interface vlan 2
name "Clients"
routing
ip address 192.168.10.2 255.255.255.0
exit
interface vlan 3
name "Security"
routing
ip address 192.168.11.2 255.255.255.0
exit
interface vlan 9
name "Firewall"
routing
ip address 192.168.9.2 255.255.255.0
exit
username "admin" password password level 15 encrypted
spanning-tree priority 4096
!
interface ethernet 1/g1
switchport mode general
switchport general allowed vlan add 9
switchport general allowed vlan add 2-3 tagged
exit
!
interface ethernet 1/g2
switchport access vlan 2
exit
!
interface ethernet 1/g3
switchport access vlan 2
exit
!
interface ethernet 1/g4
switchport access vlan 2
exit
!
interface ethernet 1/g5
switchport access vlan 2
exit
!
interface ethernet 1/g6
switchport access vlan 2
exit
!
interface ethernet 1/g7
switchport access vlan 2
exit
!
interface ethernet 1/g8
switchport access vlan 2
exit
!
interface ethernet 1/g9
switchport access vlan 2
exit
!
interface ethernet 1/g10
switchport access vlan 2
exit
!
interface ethernet 1/g11
switchport access vlan 2
exit
!
interface ethernet 1/g12
switchport access vlan 2
exit
!
interface ethernet 1/g13
switchport access vlan 2
exit
!
interface ethernet 1/g14
switchport access vlan 2
exit
!
interface ethernet 1/g15
switchport access vlan 2
exit
!
interface ethernet 1/g16
switchport access vlan 2
exit
!
interface ethernet 1/g17
switchport access vlan 2
exit
!
interface ethernet 1/g18
switchport access vlan 2
exit
!
interface ethernet 1/g19
switchport access vlan 2
exit
!
interface ethernet 1/g20
switchport access vlan 2
exit
!
interface ethernet 1/g21
switchport access vlan 2
exit
!
interface ethernet 1/g22
switchport access vlan 2
exit
!
interface ethernet 1/g23
switchport mode trunk
switchport trunk allowed vlan add 2-3,9
exit
!
interface ethernet 1/g24
switchport mode trunk
switchport trunk allowed vlan add 2-3,9
exit
exit

marley1 · Aug 4, 2012

Here is the 3524p - Bolded one line of code

spanning-tree mode rstp
spanning-tree priority 61440
interface range ethernet g(1-2)
switchport mode trunk
exit
vlan database
vlan 2-3,9
exit
interface range ethernet e(23-24)
switchport access vlan 2
exit
interface range ethernet g(1-2)
switchport trunk allowed vlan add 2
exit
interface range ethernet e(1-22)
switchport access vlan 3
exit
interface range ethernet g(1-2)
switchport trunk allowed vlan add 3
exit
interface range ethernet g(1-2)
switchport trunk allowed vlan add 9
exit
interface vlan 2
name Clients
exit
interface vlan 3
name Security
exit
interface vlan 9
name Firewall
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
interface vlan 9
ip address 192.168.9.240 255.255.255.0
exit
interface vlan 2
ip address 192.168.10.240 255.255.255.0
exit
interface vlan 3
ip address 192.168.11.240 255.255.255.0
exit
ip default-gateway 192.168.11.2 - I THINK THIS NEEDS TO BE 192.168.9.2
username admin password password level 15 encrypted

marley1 · Aug 4, 2012

Here is the 5548

spanning-tree priority 61440
vlan database
vlan 2-3,9
exit
voice vlan oui-table add 000181 Nortel__________________
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 001049 Shoretel________________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00907a Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
iscsi target port 860 address 0.0.0.0
iscsi target port 3260 address 0.0.0.0
iscsi target port 9876 address 0.0.0.0
iscsi target port 20002 address 0.0.0.0
iscsi target port 20003 address 0.0.0.0
iscsi target port 25555 address 0.0.0.0
username admin password encrypted password privilege 15
!
interface vlan 2
name Clients
ip address 192.168.10.241 255.255.255.0
!
interface vlan 3
name Security
ip address 192.168.11.241 255.255.255.0
!
interface vlan 9
name Firewall
ip address 192.168.9.241 255.255.255.0
!
interface gigabitethernet1/0/1
switchport access vlan 2
!
interface gigabitethernet1/0/2
switchport access vlan 2
!
interface gigabitethernet1/0/3
switchport access vlan 2
!
interface gigabitethernet1/0/4
switchport access vlan 2
!
interface gigabitethernet1/0/5
switchport access vlan 2
!
interface gigabitethernet1/0/6
switchport access vlan 2
!
interface gigabitethernet1/0/7
switchport access vlan 2
!
interface gigabitethernet1/0/8
switchport access vlan 2
!
interface gigabitethernet1/0/9
switchport access vlan 2
!
interface gigabitethernet1/0/10
switchport access vlan 2
!
interface gigabitethernet1/0/11
switchport access vlan 2
!
interface gigabitethernet1/0/12
switchport access vlan 2
!
interface gigabitethernet1/0/13
switchport access vlan 2
!
interface gigabitethernet1/0/14
switchport access vlan 2
!
interface gigabitethernet1/0/15
switchport access vlan 2
!
interface gigabitethernet1/0/16
switchport access vlan 2
!
interface gigabitethernet1/0/17
switchport access vlan 2
!
interface gigabitethernet1/0/18
switchport access vlan 2
!
interface gigabitethernet1/0/19
switchport access vlan 2
!
interface gigabitethernet1/0/20
switchport access vlan 2
!
interface gigabitethernet1/0/21
switchport access vlan 2
!
interface gigabitethernet1/0/22
switchport access vlan 2
!
interface gigabitethernet1/0/23
switchport access vlan 2
!
interface gigabitethernet1/0/24
switchport access vlan 2
!
interface gigabitethernet1/0/25
switchport access vlan 2
!
interface gigabitethernet1/0/26
switchport access vlan 2
!
interface gigabitethernet1/0/27
switchport access vlan 2
!
interface gigabitethernet1/0/28
switchport access vlan 2
!
interface gigabitethernet1/0/29
switchport access vlan 2
!
interface gigabitethernet1/0/30
switchport access vlan 2
!
interface gigabitethernet1/0/31
switchport access vlan 2
!
interface gigabitethernet1/0/32
switchport access vlan 2
!
interface gigabitethernet1/0/33
switchport access vlan 2
!
interface gigabitethernet1/0/34
switchport access vlan 2
!
interface gigabitethernet1/0/35
switchport access vlan 2
!
interface gigabitethernet1/0/36
switchport access vlan 2
!
interface gigabitethernet1/0/37
switchport access vlan 2
!
interface gigabitethernet1/0/38
switchport access vlan 2
!
interface gigabitethernet1/0/39
switchport access vlan 2
!
interface gigabitethernet1/0/40
switchport access vlan 2
!
interface gigabitethernet1/0/41
switchport access vlan 2
!
interface gigabitethernet1/0/42
switchport access vlan 2
!
interface gigabitethernet1/0/43
switchport access vlan 2
!
interface gigabitethernet1/0/44
switchport access vlan 2
!
interface gigabitethernet1/0/45
switchport access vlan 2
!
interface gigabitethernet1/0/46
switchport access vlan 2
!
interface gigabitethernet1/0/47
switchport access vlan 2
!
interface gigabitethernet1/0/48
switchport access vlan 2
!
interface tengigabitethernet1/0/1
switchport mode trunk
!
interface tengigabitethernet1/0/2
switchport mode trunk
!
ip route 0.0.0.0 0.0.0.0 192.168.9.2
ip route 0.0.0.0 0.0.0.0 192.168.10.2
ip route 0.0.0.0 0.0.0.0 192.168.11.2

marley1 · Aug 4, 2012

Here are some screen shots of the firewall. So right now if i configure my computers IP as 192.168.10.50, 255.255.255.0, 192.168.10.2 I can ping the other subnets, can't pint 192.168.9.1. I will be having a DHCP server on the 192.168.10.x network (SBS Server), the 192.168.11.x network doesn't needs DHCP as everything is static but if I need to I will use Zywall. I need to have it so my computers get a gateway of 192.168.10.1 and 192.168.11.1 as some devices are already configured with this.

marley1 · Aug 4, 2012

We don't mind tossing a few bucks out to get this resolved !

/usr/home · Aug 4, 2012

ip route 0.0.0.0 0.0.0.0 192.168.9.2
ip route 0.0.0.0 0.0.0.0 192.168.10.2
ip route 0.0.0.0 0.0.0.0 192.168.11.2

This shouldn't be on the 5448 unless it's doing the routing which it isn't, right? The only switch that needs route statements is your L3 switch. The others don't need routes because they will just go over the trunks to the L3 switch and then the L3 switch will route them.

The default-gateway on the switches needs to be 192.168.9.1.

Go to each switch and ping a public IP from the CLI. Use something like 4.2.2.2. Make sure the switches can get out. Then, take a laptop onto each VLAN, configure it with the right info. (192.168.10.101 255.255.255.0 192.168.10.1) (192.168.11.101 255.255.255.0 192.168.11.1) and then try pinging that same IP. Try even pinging the gateway 192.168.9.1.

I'm thinking the computers can reach the Zyxel, but the Zyxel doesn't know how to get back to them so it's failing.

marley1 · Aug 4, 2012

I have no idea why that ip route is added on the 5548, i didn't add it.

Only thing I really did was:
interface vlan 2
ip address 192.168.10.241 255.255.255.0
interface vlan 3
ip address 192.168.11.241 255.255.255.0
interface vlan 9
ip address 192.168.9.241 255.255.255.0

and then I did exit, ip default-gateway 192.168.9.1 now.

I tried to plug into the 6224, and configure I can ping the 192.168.9.2 I cant pign 192.168.9.1, and I can't ping outside.

what I dont get is where does 192.168.10.1 even get definied.

We have 192.168.9.1 (Edge FIrewall), 192.168.9.2 (Vlan 9 Interface IP on Dell 6224), 192.168.10.2 (Vlan 2 Interface IP on Dell 6224), 192.168.11.2 (Vlan 3 IP On Dell 624).

Yesterday when i had these Interface IP as say 10.1 and 11.1 and in teh ZyXL for VLAN set it to that IP I was able to ping 4.2.2.2 from the switches.

smellofrain · Aug 6, 2012

Do you want the subnets routed by the Zyxel or by the 6224?

smellofrain · Aug 6, 2012

Give this a try. I made this config thinking the Zyxel is just a firewall/DHCP server and not doing routing for the network. Set the default-gateway of workstations on the Vlans to the Layer3 Vlan IP setup on the 6224. Keep the IP of the Zyxel and change the subnet mask to a /30. Otherwise change the 6224 config to a /24 and leave the Zyxel alone. I added another Vlan for management of the switches. On the Zyxel make sure to create a static route to the 6224 for all subnets.

6224A Router

configure
vlan database
vlan 2-4,9
exit
!
hostname Dell-6224A
!
interface vlan 2
name Clients
ip address 192.168.10.1 255.255.255.0
routing
exit
!
interface vlan 3
name Security
ip address 192.168.11.1 255.255.255.0
routing
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.1 255.255.255.240
routing
exit
!
interface vlan 9
name Firewall
ip address 192.168.9.2 255.255.255.252
routing
exit
!
ip routing
ip route 0.0.0.0 0.0.0.0 192.168.9.1
exit
!
ip helper enable
ip helper-address 192.168.9.1 dhcp
!
spanning-tree priority 4096
!
interface ethernet 1/g1
description Zyxel
switchport mode access
switchport access vlan 9
exit
!
interface range ethernet 1/g2-22
switchport mode access
switchport access vlan 2
exit
!
interface ethernet 1/g23
description Dell-5548A
switchport mode trunk
switchport trunk allowed vlan add 2,4
exit
!
interface ethernet 1/g24
description Dell-3524A
switchport mode trunk
switchport trunk allowed vlan add 3-4
exit
exit
-----[END 6224]----
-----[BEGIN 3524]----
3524A Switch

configure
vlan database
vlan 3-4
exit
!
no ip routing
!
hostname Dell-3524A
!
interface vlan 3
name Security
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.2 255.255.255.240
exit
!
ip default-gateway 192.168.12.1
!
interface ethernet g1
description Dell-6224A
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface ethernet g2
description Dell-3524B
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface range ethernet e(1-22)
switchport mode access
switchport access vlan 3
exit
exit

3524B Switch

configure
vlan database
vlan 3-4
exit
!
no ip routing
!
hostname Dell-3524B
!
interface vlan 3
name Security
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.3 255.255.255.240
exit
!
ip default-gateway 192.168.12.1
!
interface ethernet g1
description Dell-3524A
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface ethernet g2
description Dell-3524C
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface range ethernet e(1-22)
switchport mode access
switchport access vlan 3
exit
exit

3524C Switch

configure
vlan database
vlan 3-4
exit
!
no ip routing
!
hostname Dell-3524C
!
interface vlan 3
name Security
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.4 255.255.255.240
exit
!
ip default-gateway 192.168.12.1
!
interface ethernet g1
description Dell-6224B
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface ethernet g2
description Dell-3524C
switchport mode trunk
switchport trunk allowed vlan add 3,4
exit
!
interface range ethernet e(1-22)
switchport mode access
switchport access vlan 3
exit
exit
-----[END 3524]-----
-----[BEGIN 5548]-----
5548A switch

configure
vlan database
vlan 2,4
exit
!
no ip routing
!
hostname Dell-5548A
!
interface vlan 2
name Clients
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.5 255.255.255.240
exit
!
ip default-gateway 192.168.12.1
!
interface range gigabitethernet1/0/1-48
switchport mode access
switchport access vlan 2
exit
!
interface tengigabitethernet1/0/1
description Dell-6224A
switchport mode trunk
switchport trunk allowed vlan add 2,4
exit
!
interface tengigabitethernet1/0/2
description Dell-5548B
switchport mode trunk
switchport trunk allowed vlan add 2,4
!
exit

5548B switch

configure
vlan database
vlan 2,4
exit
!
no ip routing
!
hostname Dell-5548B
!
interface vlan 2
name Clients
exit
!
interface vlan 4
name Switch-Management
ip address 192.168.12.6 255.255.255.240
exit
!
ip default-gateway 192.168.12.1
!
interface range gigabitethernet1/0/1-48
switchport mode access
switchport access vlan 2
exit
!
interface tengigabitethernet1/0/1
description Dell-5548A
switchport mode trunk
switchport trunk allowed vlan add 2,4
exit
!
exit

Any Dell Switch Experts?

Supreme [H]ardness

Supreme [H]ardness

2[H]4U

Supreme [H]ardness

2[H]4U

Supreme [H]ardness

Supreme [H]ardness

[H]F Junkie

2[H]4U

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Weaksauce

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Limp Gawd

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Supreme [H]ardness

Weaksauce

Weaksauce