Simulating Dell FTOS with GNS3 on MAC device
[N20XX] RADIUS Server usage login does not work
Hello,
we are already using dot1x and want to add management access by SSH to the switches based on RADIUS authentication. As you can see in the configuration below, I want to use a different RADIUS Server for the login authentication than for dot1x.
I defined usages in the radius-server settings, but for some weird reason the switch still connects to 10.0.1.1 instead of 10.0.2.1.
What am I missing here?
aaa authentication login "networkList" local line
aaa authentication login "rad" radius local
authentication enable
dot1x system-auth-control
aaa authentication dot1x default radius
radius-server host auth 10.0.1.1
name "DOT1X_RADIUS"
usage 802.1x
key "KEYKEYKEYKEY"
exit
radius-server host auth 10.0.2.1
name "ADMIN_LOGIN_RADIUS"
usage login
key "KEYKEYKEYKEY"
exit
line console
exec-timeout 480
login authentication networkList
password PASSWORD
exit
line ssh
exec-timeout 480
login authentication rad
exit
Best regards
N2000 Routing Options
I understand the N2000 series has limited L3 routing options. I wanted to explore if any of those options might solve my problem. I simply want to divert all traffic going to a specific internal subnet away from the firewall (the default gateway), to a WAN optimization device on the same subnet. The idea being to completely take the firewall out of the traffic routing scenario between the two remote sites routing only through the WAN/VPN devices on both sides. Thanks! -mark
N4032F failover link
Hi
Is it possible to have 2 ports on a switch where port 1 is the primary path to the gateway and port 2 is to a secondary path? I need them to auto failover.
Any help would be great.
Thanks
N2048 Problem with TACACS
Hi, please help me. My Dell N2048p switch doesn't send queries to the TACACS server.
I set up a TACACS server with TACACS.net on Windows Server 2008 and configured the Dell N2048 to use TACACS for SSH authentication. But when I tried to log in, it was not working.
I captured packets from my server and found that there is an open connection from the switch but no data at all.
This is the config from my switch.
And this log from my TACACS Server. It says that there is a new connection from my switch.
This is log from switch. It says "connection timeout to server"
P.S. English is not my mother tongue; please excuse any errors on my part. I know it is not very good.
PowerConnect 6248P triple stack / No link lights on the second or third switches
The switches turn on, they seem to stack correctly. Master #1, #2, #3.
I can log in and they all show up. All the firmware is the same.
I had to update a few of them from an older version and use telnet from the serial console.
Any suggestions?
Dell N3048P VLAN ACL
Greetings everyone,
I'm currently demoing the N3048P switch as a possible replacement for my edge access switches for the school district I work in. Currently I am running Avaya ERS 5600's, which are going end of life shortly, and with some funding I have available I'm looking at possible replacements, but I'm having issues making a few of the features I use on the Avaya switches work on the N3048P. So far I've had no issue in getting LLDP working and auto-assigning my voice VLAN for my IP phones, as well as using the built-in DHCP server (demo purposes) to push out the option 242 I need for my phones to auto-provision the call server. Anyway, sorry for that long part; now onto my question. On my Avaya switches it was fairly easy to set up an ACL to prevent others from accessing the management VLAN (SSH, HTTPS) of the switch. I'm having issues in getting this working on the Dell switch though. I believe I built my ACL correctly, but as soon as I apply it I literally lose all access to the switch on my management VLAN. If anyone has any examples of how I need to implement this I would be forever grateful. Below is an example of what I am trying to accomplish. Just an FYI, I am reading through the CLI manual, but at a little over 2000 pages it is taking me a little bit of time.
VLAN 10 - MGMT VLAN
IP Assigned to VLAN 10 - 10.1.240.32/20
I would like for all devices in the 10.1.240.0/20 and the 10.1.16.0/24 range to be able to access the mgmt vlan and all other traffic be dropped. I know this is probably trivial for most but please keep in mind I have come from an environment that has operated on Nortel/Avaya network gear for almost 15 years.
Dell Networking N3024 and Dell Networking N2024P Trunking using GUI.
I am new to using Dell.
I have a Mikrotik CCR1036 connected to the Internet and a Dell Networking 3024. Then I have 5 Dell Networking N2024P deployed on each floor. I also have 20 Dell Networking X1026P for each department in a building. I have 2 network cables going to each floor.
Here is my network structure:
Internet --> Mikrotik CCR1036 --> VLAN Trunk Dell Networking N3024 --> VLAN Trunk Dell Networking N2024P --> VLAN Access Dell Networking X1026P --> All PC
My questions are:
Can you guide me with GUI configuration?
1- Can I use a VLAN trunk between the Mikrotik and the Dell Networking N3024?
2- How do I trunk the Dell Networking N3024 with the Dell Networking 2024P with my 2 network cables?
3- Can I use 2 cables as failover using LAG? And how do I use LAG with a VLAN trunk?
4- Can you recommend best practices for using all my network devices above, if my setup is bad?
First time setting up VLANs across interconnected N5000 & N3000 switches, connecting to different ports on SonicWALL - is there more to it than this?
At my company, we have a stack of PowerConnect N3000 switches for our core (stacked with mini-sas cables in the back) and then they connect to switches in various closets throughout the building via LAG groups. I have about four closets that have N5548 & 5524P PowerConnects. We have a flat network and our gateway is the X2 port on our SonicWALL firewall (NSA3600). We currently have no VLANs except the default.
We also have a parallel physical network for wireless (made up of D-Link switches), which connects all the access points back to another X port on the SonicWALL. My plan is to go ahead and create a VLAN for wireless on the main network and then get rid of the D-Links.
I've never set up VLANs before but I do get the concept. I also spent the day reading the PowerConnect manual sections on VLANs as well as google, and then I used three extra N5000 switches to test on and I seem to have gotten it working, but I just want to make sure that I've not missed anything.
So, using the web front-end, I just need to do these steps:
1. Create VLAN 2 (named wireless) on all switches
2. Select the ports on each switch where the end points will connect to and then:
a. Put them in Switchport mode: Layer 2 (the default)
b. Put them in Port VLAN mode: access
c. Add '2' from the VLAN list (and only that)
3. Go to LAG settings under the VLAN menu and select each LAG group on the switch
a. Put them in Switchport mode: Layer 2 (the default)
b. Put them in Port VLAN mode: Trunk
c. Verify that all LAG groups are listed in the VLAN list
4. Save configuration
5. Connect wifi access points to VLAN access ports
6. Connect one access port to the appropriate X port on the SonicWALL for the wireless
Is this correct? I tried this on my test switches and connected some laptops (with a different IP scheme) and was able to ping each other on the ports designated for the VLAN. I also tested to make sure I couldn't ping if one was connected to VLAN 1 and the other to VLAN 2.
I just want to make sure I'm not missing anything. Also, is this something I can do during work hours without any possible network disruptions?
N2000 Error message ? broad_hpc_drv.c(4429) 28494 CACHE_RESTORE: L3_DEFIP_PAIR_128[2489] blk: ipipe0 index: 1384 :
Hi, had this error on an N2000. We have it connected to a few physical servers, an M1000e (using M6220s with HV) and a couple of EqualLogics (so can't easily reload it).
Appeared out of the blue and has resulted in 2000+ syslog entries since Friday. We don't think we have changed anything. FW is 6.2.7.2 which is our most recent stable tested FW, until the next round of maintenance.
Multiple Class C networks and matching VLANS for routing
I have a customer that has (2) S4048T-ON Dell switches and several smaller layer 2 switches connected to them. The customer wants to create the following scenario using his gear. I haven't done it before, so I wanted to check here if it can be done this way:
10.1.30.0/24 GW 10.10.0.1 (VLAN 300)
10.1.31.0/24 GW 10.10.0.1 (VLAN 310)
10.1.32....... (VLANS 320 - 390) etc. for a total of 9 VLANS
Based on the above routing situation should I be specifying the gateway as a class (B) gateway of 10.10.0.1 or should I be using the gateway for each respective class (c) network? Then creating a route map on my S4048 to route the traffic upstream to the firewall?
This may seem simple, but it's a first for me. Gratitude.
Issues with LAG across N4032 Switch Stack
I have had issues with stacking 2 N4032's. First issue was the slave switch would disconnect and stop responding after 8 hours or so. I applied firmware version 6.3.1.13 which appears to have solved that issue.
My current issue is that I have a LAG (LACP) that has a port on each switch in the stack and I have intermittent communication issues. I can ping a client through the LAG and sometimes it responds, sometimes it doesn't.
Both ports show as active when running "show interface Port -Channel 11". The FortiGate it is connecting to also shows both ports active and connected. The only thing I noticed is that the FortiGate shows its LACP speed as fast and the remote connection's LACP speed as slow.
Here is the config:
interface Te1/1/1
channel-group 11 mode active
exit
interface Te2/1/1
channel-group 11 mode active
exit
interface port-channel 11
switchport mode trunk
switchport trunk allowed vlan add 10,15,20,30,39,50
exit
Here is the weird part, if I move the port so it is on the same switch everything works fine.
I have tried disabling STP on the port-channel and the individual ports with no success.
Any ideas? Bad Switch? Bad Firmware? Bad User?
VoIP QoS
Hi,
I have just installed a DELL N4032 into our environment to act as a L3 switch to route VoIP traffic from a voice VLAN to a data VLAN where the PBX is located. The VoIP and data traffic are directly connected to a CISCO 2960 series L2 switch via a 4 x 1GbE EtherChannel to 4 x 1GbE port-channel on the DELL switch:
My problem is that if I hammer the connection, VoIP handsets lose their connection to the PBX. My thought is that if I configure QoS for the voice VLAN it will resolve the issue.
Can anyone offer some starting points for configuring QoS?
Thanks in advance,
Matt
Simple home network with Power Connect 3348
We have about 8 - 9+ computers in our household (shop PC, mine and my brother's bedroom PC and consoles, kitchen, my 2 game development PCs, music production PC, 3D animation workstations and my dad's workstations, as well as various laptops of the above family members).
With this many PCs and constant file transfer over wifi (in a very wifi-saturated neighborhood), I figured it's about time we went back to a good old LAN setup.
The PowerConnect has had a steep learning curve for me, but I managed to set it up via PuTTY serial with a USB to serial adapter and got the web interface to work. As of this point it's uncharted territory. All we have is a modem from our ISP and all the computers around the household. All we need is to get all of those computers to be able to see each other and to be able to connect to the internet modem.
Now I know some of you may be tempted to just post a link to the documentation and tell me to read that. I already have it, and even though I may read what each feature does on the switch, I won't know if a particular function is indeed what I need anyway. I realize that nobody likes spoon-feeding, but if it's not too much to ask, could someone point out exactly what I need to set up and what I need to enable to get all our PCs connected to the internet and each other?
PS: As someone who has had a lot of trouble finding the solution to getting access to the web interface, I'm sure there are other people like me who may be in the same situation right now. This took me a while to realize, but with the PowerConnect 3348, in order to get access to the web interface, you have to set your network adapter settings on the PC to have the same gateway as the switch. Only then was I able to access the web interface by putting the IP you've set up on the switch terminal in the browser's address bar.
on logging server logs not showing up with hostname for Dell switches
Hi,
I hope you can assist with the following.
With our Dell switches, logs are not showing up with the hostname on our logging server.
Do we have a similar command to origin id (with Cisco switches), where the hostname is prepended to the syslog message, or another way?
Thanks,
Ze
macalRuleActionGet in the log files
We created an access management rule on our switch to prevent in-band management, and since then we are getting a lot of the following log entries:
<189> Mar 8 11:17:48 DenCoreSW01-1 MGMT_ACAL[SNMPTask]: macal_api.c(872) 35968 %% macalRuleActionGet(): List does not exist.
This is the configuration we are using to only allow OOB management:
management access-list "DenyInBandMGMT"
deny service any priority 1
exit
management access-class DenyInBandMGMT
System Model ID: N4064
Firmware
unit active
---- -----------
1 6.3.1.13
Can anyone help with preventing these log entries?
Thank you
PowerConnect configuration, heartbeat issue
Hi All,
Currently I'm working on a big project. We have two blade chassis (PowerConnect switch), PowerEdge M360 server, connected to a TOR Dell switch by the external ports of the PowerConnect switch.
From the server to the customer LAN it's OK, the configuration is done. I already configured VLAN 80 for production; the IP segment used is 10.101.x.x.
Now the customer asks for the heartbeat configuration; the IP segment is 172.16.X.X, VLAN 100.
The problem is the server has two internal ports, so to configure the heartbeat I need to create teaming; that means we will have two physical interfaces and two virtual interfaces.
For the IP segment 10.101.x.x there is no issue; I can ping the other machine in the second chest without issue.
I change the mode of the switch from mode simple to mode easy.
Configure
Vlan 80
Exit
Vlan 100
exit
Configuration MSTP:
Configure
Enabling MSTP
1. Set the STP operational mode to MSTP.
console(config)#spanning-tree mode mst
2. Create an MST instance and associate it to a VLAN
console(config)#spanning-tree mst configuration
console(config-mst)#instance 10 add vlan 80
console(config-mst)#instance 10 add vlan 100
console(config)#spanning-tree priority 8192
External ports are 17, 18, 19, 20 (port 20 is free); port 19 is for heartbeat (ports 17, 18: connection with TOR to customer network).
console(config)#interface te1/0/19
console(config-if)#spanning-tree portfast
console(config-if)switchport general allowed add vlan 100 tagged
ip-snooping-mode
interface tengigabitethernet 1/0/17
spanning-tree portfast
exit
interface tengigabitethernet 1/0/18
spanning-tree portfast
exit
feature fip-snooping
interface range tengigabitethernet 1/0/17-18
ip-snooping port-mode fcf
lldp dchx port-role configuration-source
switchport mode general
switchport general allowed vlan add 80 tagged
exit
ip-snooping enable
exit
inter range teng te1/0/1-16
switchport mode general
switchport general allowed vlan add 80,100 tagged
exit
Can someone confirm?
For the heartbeat, what I propose for the customer is to connect an external port from the PowerConnect switch directly to the PowerConnect switch of the second chassis.
I'm afraid I will have a loop, so I will share my configuration with you.
Trunking between two powerconnect 6248 switches
I am new to Dell switches.
We are connecting two 10GB SFP+ ports to pass traffic between our two switches.
The settings on these switches are as follows:
interface ethernet 1/xg2
spanning-tree portfast
mtu 9216
switchport mode general
switchport general allowed vlan add 10,100,200,250-251,3000 tagged
However, traffic is not flowing between the two switches. What am I missing here?
Thanks
N4000 for iSCSI with mixed MTU's
Hi community.
I have 2 stacked N4000 switches, an EqualLogic SAN and R730 servers.
I am planning to use half of the N4000 for iSCSI traffic and the other half for normal network operations.
Is it possible to set up jumbo frames (MTU 9216) only for my ports for iSCSI traffic and have the rest of the ports use a normal MTU?
I can see that there is a global configuration for MTUs, but this would then apply to all ports?
Any help appreciated.