SonicWall Switch Series FAQ

06/10/2020 12 People found this article helpful 187,093 Views

Description

This article covers some of the basic FAQs related to SonicWall Switch.

Resolution

What is SonicWall Switch Series?
The SonicWall Switches are layer 2 devices specially designed to support Access Points and IP Surveillance cameras, VOIP phones, and other PoE-Capable devices as well as other Ethernet-based networking equipment or computers. The Switch provides simple, yet powerful PoE manageability with features such as: IEEE 802.3af or IEEE 802.3at/af ports, PoE port management, loopback detection, and IGMP snooping.
What are the main use cases for Switch Deployments?
The two main use cases envisioned for SonicWall switches are
a) Branch office scenarios where they are managed by SonicWall firewalls
b) Campus wi-fi deployments managed via SonicWall’s Wi Fi Cloud Manager.
Configuring switches from Worldwide Cloud Manager (WCM) is not supported during the first release.
Use case scenarios where the switches are managed directly through their local UI are less prevalent.
What are the system requirements for switch compatibility?
Configure switches from the firewalls listed below while running SonicOS 6.5.4.6.
- SOHO models: SOHO, SOHO250, and SOHOW250
- TZ models: All models
- NSa models: All models
What are the available Switch Models and technical specifications?
Switch Series models are available in following models
What are the supported Switch features?
The SonicWall Switch Series includes support for below features during the first release

System Management
• SSH access
• Console Access
• HTTPS Access
• SNMP
• User Management
• Dual partition for firmware images
• DHCP Snooping
• DHCP Relay
• SNTP
• RADIUS Authentication

Switching
• Port Control and Settings
• PoE
• Port Security
• EEE
• STP
• Loopback Detection
• Link Aggregation
• Port Trunking
• LACP
• Port Mirror
• Jumbo Frames
• LLDP
• IGMP Snooping
• Multicast Filtering
• QoS
• CoS based on 802.1p priority CoS based on physical port CoS based on TOS
• CoS based on DSCP BootP/DHCP Client
• Bandwidth Control
• Storm Control
• RMON
• Port Statistics

Routing
• Static Routes

Security
• Port-based Access Control 802.1X
• DoS
• MAC Based ACL
• MAC Based ACE
• IPv4 Based ACL
• IPv4 Based ACE
• ACL BINDING

VLAN
• 802.1Q
• Native VLAN
• Voice VLAN

MONITORING
• Local Logging
• Remote Logging

DIAGNOSTICS
• Ping
• Traceroute
Does all Switch Models support PoE?
The switch models that include POE in their model name supports Power Over Ethernet feature. Below are the models that supports PoE:
• SWS12-8POE
• SWS12-10FPOE
• SWS14-24FPOE
• SWS14-48FPOE
What is the baseline SonicOS Version for Switch?
At launch, Firewall should be running SonicOS 6.5.4.6-79n to be able to manage the Switches.
How do I purchase Switch?
Contact SonicWall distributor to purchase SonicWall Switch. You will receive a fulfillment email with Serial Number and authentication code. Register on MySonicWall with Serial Number to get support on the product.
What are the supported modules that can be used on SonicWall Switch?
How to deploy/Install Switch?

Please refer to How To Integrate A SonicWall Switch With SonicWall UTM Using Auto-Discovery?
What are the maximum numbers of Switches that can be connected to firewalls?

Switches can be setup with firewalls in standalone or daisy-chained configurations.
• Standalone mode — Up to four switches can be connected to a single firewall over separate ports.
• Daisy Chain mode — Up to four switches can be supported in three configurations.
a) 1 switch in standalone mode and three switches connected to it in daisy chain mode.
b) 2 switches in standalone mode and with 1 switch connected to each in daisy chain mode.
c) 3 switches in standalone mode and 1 switch connected to any of the switches in daisy chain mode
Can I add a switch to a Zero Touch Enabled Firewall?
Yes. In order for the firewall to sense the presence of the switch, its firmware must be at SonicOS 6.5.4.6-70n or higher. The switch should be at 1.0.0.0-39 or higher.
On MySonicWall, firmware is available under Downloads for Switch firmware and 6.5.4.6 firmware.
Can I connect multiple vendors switches and manage from the same SonicWall Firewall?
We support managing SonicWall switches and Dell X/N series switches from the same SonicWall firewall.
Is dynamic routing support on the Switch?
No. During the initial release, we only support static routes on standalone switches. Dynamic routing can be configured on the firewall
What are the basic topologies that supported for solution including Switch?
Basic topologies for an SWS12- or SWS14-series switch managed by a Firewall running SonicOS 6.5.4.6 include:
• Common uplink configuration
• Dedicated uplink configuration
• Hybrid configuration with common and dedicated uplink(s)
• Isolated links configuration for management and data traffic
• HA and PortShield configurations with dedicated uplink(s)
• HA and PortShield configurations with common uplink(s)
• VLAN(s) with dedicated uplink(s) configuration
• Dedicated Uplinks with SonicWall Access Points
Is there a default management port on the Switch?
No. Whichever port on the switch is connected to the Firewall is considered as the Management port.
Is VTP supported to share vlan information between multiple switches?
In the first release, only daisy chain setup switches will allow vlan configuration being automatically added on interface connected between parent and child switch.
What is CSC Version Supported with Switch Series?
CSC-MA 1.7.1 and above will support SonicWall Switch Series.
Are Switch model upgrades available?
This is not available during initial release.
Can I import Settings from one switch to another?
No. This is not supported in the first release.
Does Switch support VRRP, HSRP and stacking?
At launch, Switch does not support these features. DaisyChaining is supported that can be used to connect upto 4 switches to a single firewall.
What is the default browser supported to manage Switch?
Chrome is default browser supported for managing Switch
How to change switch password?
You can change switch passwords from Firewall UI for firewall managed switches in addition to direct access of Switch.
How to export switch config?
During the first release, user needs to export the firewall config that will include Switch settings as well.
Does SonicWall switch port support port fast feature?
SonicWall switches are in port fast mode by default.
What is default Switch IP?
Default is 192.168.0.239. HTTP access is disabled.
What is Dual Partition and what is it used for?
The Switch maintains two versions of the Switch image in its permanent storage. One image is the active image, and the second image is the backup image. The Dual Image screen enables the user to select which partition will be set as active after the next reset. The Switch boots and runs from the active image. If the active image is corrupt, the system automatically boots from the non- active image.
Is HA supported on Switch?
These are access layer switches. No hardware failure supported like Firewall. But you can use multiple switches to firewall for that condition.
Can we login to Switch UI and CLI from Firewall UI directly?
No. Switch UI and CLI needs to be accessed separately during the first release.
Can we use LAG or LACP between parent and a child switch in daisy chaining?
LAG/LACP not supported between switches in DaisyChain setup from Firewall UI.
What is the max number of interface we can use in LAG/LACP between
a. Switch and SonicWall
b. Two switches in daisy chain configuration
We only support link aggregation between switches those are not integrated to firewall and not from Firewall’s Switch Controller.
Do we support Private VLAN/ VLAN isolation concept on SonicWall switches?
Port Isolation feature is supported.
What switch features might stop working on registration failure or license sync error/failure ?
Technical Support and Firmware Updates will not be available post license expiration. Switch Features do not have separate licenses.
Is hybrid daisy chaining or mix deployment of SonicWall switches and Dell X/N series switches supported?
This is not supported during the first release.
Will upgrading the SonicWall firewall's firmware auto-upgrade the SonicWall switch's firmware?
SonicWall Firewall upgrade is independent of Switch Firmware. But the option is available to upgrade Switch Firmware from Firewall UI(applicable to Firewall Managed Switches).
What is the process to replace a faulty switch?
Update the switch serial number on the Firewall->Switch Controller Tab and configurations should be ready on its own once the replacement switch is connected.
What is the version of CSC-MA that will support Firewall Managed Switch?
CSC-MA 1.7.1 will support Firewall Managed Switches
Do we support Standalone Switch Management on CSC-MA/GMS?
Not supported in the current release.
Do we need separate licenses on CSC-MA while managing Firewall Managed Switches?
No separate licenses for Switches.
Do we support MultiSwitches and DaisyChain Setup from CSC?
Yes. It is supported.
What mode of connectivity is supported on CSC for Firewall Managed switches?
Both Zero-Touch and Manual mode is supported on CSC for Firewall Managed Switch
What are the best practices to be followed on the SonicWall Switches?
• Reserved VLAN range on the firewall should be changed before adding the SonicWall Switch. If the Reserved VLAN range changes after connecting the Switch, then the Switch must be removed and re-added.
• While upgrading the switch firmware, always make to upgrade one partition at a time and leave the other partition for recovery purposes.
• For TZ Firewalls make sure to disable port-shield on the interface where SonicWall switch will be connected.
• Make sure to use dedicated uplink port in deployments where a dedicated 1G link is needed for a particular firewall interface. Cases where this configuration is necessary:
i. VLANs are used; for example, another switch behind the switch.
ii. There is a large volume of traffic and there needs to be a separate uplink for this traffic.
• For dedicated uplinks to work, the physical link must be connected before being configured
• With a common link, the management traffic and data traffic run on the same uplink. The data traffic is congested, so is management traffic, which results in a delay in forwarding management traffic. If data traffic is congested, consider configuring separate links for management traffic and data traffic. Although similar to a common link configuration, the isolated management/data configuration runs separate uplinks for management traffic and data traffic. This configuration ensures that even with a high amount of data traffic, management traffic to the switch is forwarded without being delayed.
• Make sure not to make changes from Switch UI in cases where it is managed by Firewall.
• Make sure to use SonicWall approved SFP modules on the Switch.
• To support Switch Firmware Upgrade from Firewall UI, make sure firewall has access to Internet.
• Chrome browser is the preferred browser during the first release.
• To use the switch with HA, you must first create a HA setup in Firewall, and then add the switch.