DebugQ - De:Bug:Q

Go Back   DebugQ - De:Bug:Q > MIS > Network
FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply
Thread Tools Display Modes
  #1  
Unread 02-06-2019, 10:59 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default SonicWall Portshield groups

sonicwall-zones-and-portshield-groups


SoncWall : Zones and Portshield Groups

https://itgroove.net/thebeagle/2013/...shield-groups/


   

Reply With Quote
  #2  
Unread 02-14-2019, 08:15 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default

Zone:

a group container for one or more networks that then sit behind a specific firewall barrier that imposes a specific set of firewall rules that controls traffic flow into and out of the group (zone).

----

Zones can always be applied to multiple interfaces in the Network > Interfaces page, even without the use of PortShield groupings. However, these interfaces will not share the same network subnet unless they are grouped using PortShield.


   

Reply With Quote
  #3  
Unread 02-14-2019, 08:17 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default

Portshield:

is a fancy name for port aggregation.

In other words, Portshield allows me to group two or more ports together so that those ports function in the same way in the same zone.


-----

Name:  network_portshield_page.png
Views: 12
Size:  58.2 KB


You can assign any combination of ports into a PortShield interface. All ports you do not assign to a PortShield interface are assigned to the LAN interface.

Quote:
The Network > PortShield Groups page allows you to manage the assignments of ports to PortShield interfaces.
The Sonicwall Portshield is to have the ports in the same network as a switch. PortShield means they would all be on the same LAN segment.


   

Reply With Quote
  #4  
Unread 02-14-2019, 08:27 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default

Example:


What if I just want to add another port to an existing zone that already has a gateway? The port does not need an address in this case. This is pretty simple!

Go to Network –> Portshield Groups and click on the edit button for the port.

Name:  image_thumb17.png
Views: 12
Size:  39.9 KB


Clicking on the Portshield Interface dropdown allows me to select a zone gateway port (a Portshield Interface) to attach to:

Name:  image_thumb18.png
Views: 12
Size:  38.1 KB


By selecting the X0 interface we add the X5 port onto the same network as the X0 port and use X0 as the gateway.

Name:  image_thumb19.png
Views: 12
Size:  58.8 KB

Now there are two ports on the X0 Portshield.


   

Reply With Quote
  #5  
Unread 02-14-2019, 09:01 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default

Comparing:

Layer 2 Bridged Mode - limited to two lan interfaces.


Example:
To have X1 for the wan and X0, X2, X3 and X4 connected to 4 devices that would form a lan.


Answer:

This is configured via the Network -> Interfaces area, the LAN interface is configured as normal and the "extra" LAN interfaces are set to the LAN zone, PortShield Switch Mode, and PortShield to X0 (our LAN).

Quote:
X0 - LAN
X1 - WAN
X2 - Portshield to X0
X3 - Portshield to X0
X4 - Portshield to X0


   

Reply With Quote
  #6  
Unread 02-14-2019, 09:03 AM
Debugger Debugger is offline
Administrator
 
Join Date: Oct 2007
Posts: 936
Default

PortShield configuration GUI

Name:  PortShield_config_GUI.png
Views: 14
Size:  513.7 KB


   

Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is On
Forum Jump


All times are GMT. The time now is 06:34 PM.

Powered by vBulletin® Version 3.6.8
Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
DebugQ - Debug Quote - De:Bug:Q