iT邦幫忙

0

學藝不精,請教DELL Switch 設定方式(已成功)

感謝大神,範例做完,大概知道麼設定了^^

###########################################################################
型號:dell switch n2048
同一台Switch 48 port 分3個VLAN,第port 1連到外網,各個VLAN之間不能互通,但可全透過port 1.2.3(vlan1)上網
vlan 1:port 1-3,(pvid:1,untagged vid:1-3)
valn 2:port 4-30,(pvid:2,untagged vid:1,2)
valn 3:port 31-28,(pvid:3,untagged vid:1,3)

################
interface range gigabitethernet 2/0/1-3
switchport mode general
switchport access vlan1
switchport general pvid 1
switchport general allowed vlan add 1-3 untagged
no shutdown
exit

################
interface range gigabitethernet 2/0/4-30
switchport mode general
switchport access vlan2
switchport general pvid 2
switchport general allowed vlan add 1,2 untagged
no shutdown
exit

################
interface range gigabitethernet 2/0/31-48
switchport mode general
switchport access vlan3
switchport general pvid 3
switchport general allowed vlan add 1,3 untagged
no shutdown
exit

################
show interfaces switchport gigabitethernet 2/0/2
Access Mode VLAN: 1,General Mode PVID: 1,General Mode Untagged VLANs: 1-3

show interfaces switchport gigabitethernet 2/0/20
Access Mode VLAN: 2,General Mode PVID: 2,General Mode Untagged VLANs: 1-2

show interfaces switchport gigabitethernet 2/0/40
Access Mode VLAN: 3,General Mode PVID: 3,General Mode Untagged VLANs: 1,3

################
show vlan
VLAN Name Ports Type


1 default Po1-128, Default
Gi2/0/1-48,
Te2/0/1-2
2 VLAN0002 Gi2/0/1-30 Static
3 VLAN0003 Gi2/0/1-3, Static
Gi2/0/31-48
################
##測試
port 1-3 可連上外網,(vlan1)
測試:port 3、20、40,(ping 8.8.8.8全部vlan、port都可以連上外網)
測試:port2、3,port35、45,(同vlan互ping可以通)
測試:port2、45,(vlan1 ping vlan5通)
測試:port10、40,(vlan2 ping vlan3不通)

192.168.2.79、192.168.2.171互ping

################
##參考連結:
https://ithelp.ithome.com.tw/questions/10193940#answer-356128
https://ethernet-diy.blogspot.com/2017/11/8021q-tag-vlan-l2l2.html
https://weihanit.wordpress.com/2017/07/27/switch-vlan%E8%A8%AD%E5%AE%9A%E7%AF%84%E4%BE%8B%E4%B8%80/
https://www.dell.com/support/article/tw/zh/twbsd1/how12148/how-to-configure-switchport-modes-on-dell-networking-n-series-switches?lang=en
###########################################################################

port 1 不考慮trunk allow all 嗎?

2 個回答

0
yesongow
iT邦大師 1 級 ‧ 2019-06-01 09:36:52

各個VLAN之間不能互通
那麼,個別VLAN如何透過Firewall上網呢?

看更多先前的回應...收起先前的回應...
yesongow iT邦大師 1 級 ‧ 2019-06-01 09:39:08 檢舉

vlan 1:port 1
vlan 2:port 1,2-12
vlan 3:port 1,13-24
vlan 4:port 1,25-36
vlan 5:port 1,37-48

除非,Firewall LAN Port 可以綁四個IP
192.168.2.3/24
192.168.3.3/24
192.168.4.3/24
192.168.5.3/24

跟FW對接的port,vlan都不通了是要怎麼去FW??

yesongow iT邦大師 1 級 ‧ 2019-06-03 11:57:51 檢舉

所以,每個VLAN都要與Port1相通!

哈哈 跟我一樣覺得第一段很奇
各個VLAN都不能通,外網在port1,但port1又在VLAN1和port1, port2在一起??

yesongow iT邦大師 1 級 ‧ 2019-06-04 19:17:28 檢舉

VLAN5可以互通VLAN5的Port 1,所以也能通Firewall
只是要用哪個IP連線,這也是傷腦筋的地方!

0
raytracy
iT邦大神 1 級 ‧ 2019-06-01 12:12:51

你的 Port 1 要不要改試試 General mode:
How to Configure Switchport Modes on Dell Networking N Series Switches

https://ithelp.ithome.com.tw/upload/images/20190601/200266034Ew5doaxw6.png

switchport general allowed vlan add 1-5 untagged

我要發表回答

立即登入回答