What is the best scenario to tie together (2) SG300-28PP and 5 SG300-10PP?
*Have set ip for each and upgraded all to latest firmware.
*One switch will be directly connected to VPN/Firewall which is connected to ISP modem.
*Need best suggestion for connecting the other 6 switches to main switch.
*Should I leave in layer 2 mode?
*Just leave default VLAN? No need at this point to use multiple VLANs.
*Do I need to set DNS to our Domain controller which is also DNS / what about gateway? (set on each switch?)
*Straight runs to each switch from main switch?
Thanks for any help or suggestions.
You'll need to provide more information: do you need to separate clients into IP subnets or will they reside in a single network range? You're saying that VLANs are not needed. Does that mean that all clients may be allowed to see all traffic of all other clients? Do you just connect clients to those switches or do you connect more switches to those switches?
*Should I leave in layer 2 mode?
Your description suggests that there is a router/firewall. Thus, I would leave them in layer 2 mode unless you want to route on IP level on each switch. Things to consider here are: what are your communication patterns? Are clients connected to a switch mostly talking to each other or are they mostly talking to some server that is connected by VPN? How many clients do you connect? More clients generate more broadcast traffic. If there are only about 100 client computers, that shouldn't be much of a problem.
*Just leave default VLAN?
Do you need to separate traffic? Are all clients allowed to see management traffic between switches? Are clients allowed to talk to each other? Usually you're at least separating user data from management data (e.g. web interface of switches).
*Do I need to set DNS to our Domain controller which is also DNS / what about gateway?
You are not required to do that but it makes things easier if basic functionality like DNS and network time are configured properly. The gateway is technically only required if you're trying to access those switches from another subnet. This could be the case if you're trying to access the management interface of a switch over VPN. I'd definitely set those basic things up properly.
If switches are located in close proximity you should make sure there won't be any network loops. Check out the spanning tree configuration options for that in the manual.
After the basic setup you can work on security features (are there any rogue DHCP servers?) or other management features (do you need to prioritize VoIP traffic?).
*Is a small business network and all resources are shared so segmenting traffic is not necessary, clients and servers are connected to switches in various office locations.
*There is a Firewall/VPN appliance as the gateway. Clients talk to each other and servers which are on site. We're talking maybe 30 clients.
*No real need to separate traffic.
*Will point DNS to DC/DNS server
*So in short can set IP for each, leave defaults, except for adding DNS Server and put in place to test? Switches are in close enough proximity that I may run network cable to each individually.
*Should I leave spanning tree enabled on all, seems it's default, will it cause any issues?
*Will be adding new IP phone system shortly that will also traverse this network.
*See attached network basic layout.
Looks like the default VLAN has all ports in trunk mode? Should a new VLAN be created with ports in access mode so PCs/IP phones can traverse the network or leave the default VLAN with current settings?
Is the x in your diagram intended to be the same in all cases? So OBFN (one big flat network)? If so you can just plug them all in and give them all a management IP, subnet, default route. I would also add name server and set NTP so logs will be correct. Maybe set hostnames as well. Yes, all the ports on these switches are trunks at default, but with no VLANs. If you add VLANs later like for voice, you just add them on all the ports you want and the links.
One tip for you on these switches is I recommend disabling auto smart ports. If you don't they tend to do things automatically you might not like. Global config command is: macro auto disabled
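A baseline check for the settings recommended in the replies above, run against a saved running-config from each of the seven switches. This is an added example, not part of the thread or Cisco's tooling: apart from `macro auto disabled`, the config line spellings in the patterns are assumed from the Sx300 CLI, and both sample configs are constructed.

```python
import re

# Items the replies recommend having on every switch.
# Patterns assume the usual Sx300 running-config spellings (assumption);
# adjust them to what your firmware actually prints.
REQUIRED = {
    "hostname": r"^hostname\s+\S+",
    "management IP": r"^[ \t]*ip address\s+\d+(\.\d+){3}\s+\S+",
    "default gateway": r"^ip default-gateway\s+\d+(\.\d+){3}",
    "name server": r"^ip name-server\s+\S+",
    "time server": r"^sntp server\s+\S+",
    "auto smartports disabled": r"^macro auto disabled[ \t]*$",
}
# Lines that must NOT appear: spanning tree is what protects against loops.
FORBIDDEN = {"spanning tree enabled": r"^no spanning-tree[ \t]*$"}

def audit(config_text):
    """Return the baseline items this running-config fails, sorted."""
    failed = [name for name, pat in REQUIRED.items()
              if not re.search(pat, config_text, re.MULTILINE)]
    failed += [name for name, pat in FORBIDDEN.items()
               if re.search(pat, config_text, re.MULTILINE)]
    return sorted(failed)

# Constructed sample configs (documentation address range 192.0.2.0/24).
GOOD = """\
hostname sw-main
macro auto disabled
interface vlan 1
 ip address 192.0.2.11 255.255.255.0
exit
ip default-gateway 192.0.2.1
ip name-server 192.0.2.10
sntp server 192.0.2.10
"""
BAD = """\
interface vlan 1
 ip address 192.0.2.12 255.255.255.0
exit
ip default-gateway 192.0.2.1
no spanning-tree
"""

if __name__ == "__main__":
    for label, cfg in (("sw-main", GOOD), ("sw-office2", BAD)):
        print(label, "->", audit(cfg) or "baseline OK")
```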