Configuring External Switch PortShield Groups from Port Graphics

When an extended switch has been powered off and then the appliance is restarted (rebooted), it might take up to five minutes before the appliance discovers the extended switch and reports the Status of the switch as Connected.
When configuring extended switches in a PortShield group, it might take up to five minutes for the configuration to be displayed on NETWORK | System > PortShield Groups.

Interfaces must be configured before being grouped with PortShield.

For more information, go to https://www.sonicwall.com/support/technical-documentation/ and search for the SonicWall SonicOS X-Series Solution Deployment Guide by selecting NSa Series and TZ Series in the Select A Product field.

NETWORK | System > PortShield Groups displays a graphical representation of the current configuration of PortShield interfaces on both the firewall and the extended (external) switch(es). If there is one external switch, there are two graphics; for two external switches, there are three graphics, and so on. The switch graphics are labeled with the switch model and the external switch ID: 1, 2, 3, 4.

You can manually group ports on the firewall and switches together using the graphical PortShield Groups interface by clicking on the ports you want to group. Grouping ports allows them to share a common network subnet as well as common zone settings.

To configure PortShield groups with external switches

1. Configure the ports on the appliance by following the procedure in Configuring PortShield Interfaces on NETWORK | System > PortShield Groups.
2. In the port graphic for the external switch, select the interface(s) you want to configure as part of the PortShield group. The interfaces turn yellow.
3. Click Configure. The Edit Multiple Switch Ports dialog displays.

The Name field is dimmed and cannot be modified. It displays the names of both the appliance’s and external switch’s ports you selected (n is the selected port):

• Firewall ports are named Xn.
• External switch 1 ports are named ES1 : n.
• External switch 2 ports are named ES2 : n.
• External switch 3 ports are named ES3 : n.
• External switch 4 ports are named ES4 : n.

4. From Port Enable, select:

• Disabled
• Enabled
• —Keep Current Settings— (default) – By default, all ports on the extended switch are enabled.

5. From PortShield Interface, select which interface you want to assign as the master interface for these PortShield interfaces:

• Unassigned
• Port name

For a port to be an interface, it must be configured with an IP address. Otherwise, the port is not listed in PortShield Interface.

• —Keep Current Settings— (default)

PortShield options could be disabled for external switch ports. Ports that are portshielded here are configured automatically as access VLANs for the corresponding PortShield VLAN.

6. From Link Speed, select the link speed for the interfaces:
   • Auto Negotiate
   • 1000 Mbps – Full Duplex
   • 100 Mbps – Full Duplex
   • 100 Mbps – Half Duplex
   • 10 Mbps – Full Duplex
   • 10 Mbps – Half Duplex
   • —Keep Current Settings— (default) – By default, the link speed for all ports on the extended switch are set to Auto Negotiate.

7. Click OK.