Home » TP-Link Manuals » Hubs & Switches » TP-Link T1500G-10MPS » Manual Viewer

TP-Link T1500G-10MPS T1500G-10MPSUN V1 User Guide - Page 178

Operation, Description, Network Security, Global, Config, Conifg, RADIUS, Server Conifg, Overview,

View all TP-Link T1500G-10MPS manuals

Add to My Manuals
Save this manual to your list of manuals

Page 178 highlights

Step Operation Description 2 Configure the 802.1X globally. Required. By default, the global 802.1X function is disabled. On the Network Security→802.1X→Global Config page, configure the 802.1X function globally. 3 Configure the 802.1X for the Required. On the Network Security→802.1X→Port port. Config page, configure the 802.1X feature for the port of the switch basing on the actual network. 4 Connect an authentication Required. Record the information of the client in the LAN server to the switch and do to the authentication server and configure the some configuration. corresponding authentication username and password for the client. 5 Enable the AAA function Required. On the Network Security→AAA→Global globally. Conifg page, enable the AAA function globally. 6 Configure the parameters of Required. On the Network Security→AAA→RADIUS the authentication server. Server Conifg page, configure the parameters of the RADIUS server. Note: 1. The 802.1X function takes effect only when it is enabled globally on the switch and for the port. 2. The 802.1X function cannot be enabled for LAG member ports. That is, the port with 802.1X function enabled cannot be added to the LAG. 3. The 802.1X function should not be enabled for the port connected to the authentication server. 12.6 AAA  Overview AAA stands for authentication, authorization and accounting. This feature is used to authenticate users trying to log in to the switch or trying to access the administrative level privilege. Username and password pairs are used for login and privilege authentication. The authentication can be processed locally in the switch or centrally in the RADIUS/TACACS+ server(s). The local authentication username and password pairs can be configured in 4.2 User Management.  Applicable Access Application The authentication can be applied on the following access applications: Console, Telnet, SSH and HTTP.  Authentication Method List A method list describes the authentication methods and their sequence to authenticate a user. The switch supports Login List for users to gain access to the switch, and Enable List for normal users to gain administrative privileges. The administrator can set the authentication methods in a preferable order in the list. The switch uses the first listed method to authenticate users, if that method fails to respond, the switch selects the next authentication method in the method list. This process continues until there is a successful communication with a listed authentication method or until all defined methods are exhausted. If authentication fails at any point in this circle, which means the secure server or the 169

Section	Page
Package Contents	10
Chapter 1 About this Guide	11
1.1 Intended Readers	11
1.2 Conventions	11
1.3 Overview of This Guide	11
Chapter 2 Introduction	15
2.1 Overview of the Switch	15
2.2 Appearance Description	15
2.2.1 Front Panel	15
2.2.2 Rear Panel	17
Chapter 3 Login to the Switch	19
3.1 Login	19
3.2 Configuration	19
Chapter 4 System	21
4.1 System Info	21
4.1.1 System Summary	21
4.1.2 Device Description	22
4.1.3 System Time	23
4.1.4 Daylight Saving Time	24
4.1.5 System IP	25
4.2 User Management	27
4.2.1 User Table	27
4.2.2 User Config	27
4.3 System Tools	29
4.3.1 Boot Config	29
4.3.2 Config Restore	29
4.3.3 Config Backup	30
4.3.4 Firmware Upgrade	31
4.3.5 System Reboot	31
4.3.6 System Reset	32
4.4 Access Security	32
4.4.1 Access Control	32
4.4.2 HTTP Config	33
4.4.3 HTTPS Config	34
4.4.4 SSH Config	38
4.4.5 Telnet Config	44
Chapter 5 Switching	45
5.1 Port	45
5.1.1 Port Config	45
5.1.2 Port Mirror	46
5.1.3 Port Security	48
5.1.4 Port Isolation	50
5.1.5 Loopback Detection	51
5.2 LAG	53
5.2.1 LAG Table	53
5.2.2 Static LAG	55
5.2.3 LACP Config	56
5.3 Traffic Monitor	57
5.3.1 Traffic Summary	57
5.3.2 Traffic Statistics	58
5.4 MAC Address	60
5.4.1 Address Table	61
5.4.2 Static Address	63
5.4.3 Dynamic Address	64
5.4.4 Filtering Address	66
Chapter 6 VLAN	68
6.1 802.1Q VLAN	69
6.1.1 VLAN Config	70
6.1.2 Port Config	72
6.2 Application Example for 802.1Q VLAN	73
Chapter 7 Spanning Tree	75
7.1 STP Config	80
7.1.1 STP Config	80
7.1.2 STP Summary	82
7.2 Port Config	83
7.3 MSTP Instance	85
7.3.1 Region Config	85
7.3.2 Instance Config	86
7.3.3 Instance Port Config	87
7.4 STP Security	88
7.4.1 Port Protect	88
7.5 Application Example for STP Function	91
Chapter 8 Multicast	96
8.1 IGMP Snooping	100
8.1.1 Snooping Config	102
8.1.2 Port Config	103
8.1.3 VLAN Config	104
8.1.4 Multicast VLAN	106
8.1.5 Querier Config	109
8.1.6 Profile Config	110
8.1.7 Profile Binding	112
8.1.8 Packet Statistics	113
8.2 Multicast Table	114
8.2.1 IPv4 Multicast Table	114
8.2.2 Static IPv4 Multicast Table	115
Chapter 9 QoS	117
9.1 DiffServ	120
9.1.1 Port Priority	120
9.1.2 Schedule Mode	121
9.1.3 802.1P Priority	122
9.1.4 DSCP Priority	123
9.2 Bandwidth Control	124
9.2.1 Rate Limit	124
9.2.2 Storm Control	125
9.3 Voice VLAN	126
9.3.1 Global Config	129
9.3.2 Port Config	129
9.3.3 OUI Config	131
Chapter 10 PoE	133
10.1 PoE Config	133
10.1.1 PoE Config	134
10.1.2 PoE Profile	135
10.2 Time-Range	136
10.2.1 Time-Range Summary	136
10.2.2 Time-Range Create	137
10.2.3 Holiday Config	138
Chapter 11 ACL	140
11.1 ACL Config	140
11.1.1 ACL Summary	140
11.1.2 ACL Create	140
11.1.3 MAC ACL	141
11.1.4 Standard-IP ACL	142
11.1.5 Extend-IP ACL	142
11.2 Policy Config	143
11.2.1 Policy Summary	144
11.2.2 Policy Create	144
11.2.3 Action Create	144
11.3 ACL Binding	145
11.3.1 Binding Table	145
11.3.2 Port Binding	146
11.3.3 VLAN Binding	147
11.4 Policy Binding	148
11.4.1 Binding Table	148
11.4.2 Port Binding	149
11.4.3 VLAN Binding	150
11.5 Application Example for ACL	151
Chapter 12 Network Security	153
12.1 IP-MAC Binding	153
12.1.1 Binding Table	153
12.1.2 Manual Binding	154
12.1.3 ARP Scanning	156
12.2 DHCP Snooping	157
12.2.1 Global Config	161
12.2.2 Port Config	161
12.2.3 Option 82 Config	162
12.3 ARP Inspection	163
12.3.1 ARP Detect	166
12.3.2 ARP Defend	168
12.3.3 ARP Statistics	168
12.4 DoS Defend	169
12.4.1 DoS Defend	170
12.5 802.1X	171
12.5.1 Global Config	175
12.5.2 Port Config	176
12.6 AAA	178
12.6.1 Global Config	179
12.6.2 Privilege Elevation	179
12.6.3 RADIUS Server Config	180
12.6.4 TACACS+ Server Config	180
12.6.5 Authentication Server Group Config	181
12.6.6 Authentication Method List Config	182
12.6.7 Application Authentication List Config	184
12.6.8 802.1X Authentication Server Config	184
12.6.9 Default Settings	185
Chapter 13 SNMP	186
13.1 SNMP Config	188
13.1.1 Global Config	188
13.1.2 SNMP View	189
13.1.3 SNMP Group	190
13.1.4 SNMP User	192
13.1.5 SNMP Community	193
13.2 Notification	196
13.3 RMON	197
13.3.1 Statistics	198
13.3.2 History	199
13.3.3 Event	200
13.3.4 Alarm	201
Chapter 14 LLDP	203
14.1 Basic Config	208
14.1.1 Global Config	208
14.1.2 Port Config	209
14.2 Device Info	210
14.2.1 Local Info	210
14.2.2 Neighbor Info	212
14.3 Device Statistics	213
14.4 LLDP-MED	214
14.4.1 Global Config	215
14.4.2 Port Config	216
14.4.3 Local Info	217
14.4.4 Neighbor Info	218
Chapter 15 Maintenance	220
15.1 System Monitor	220
15.1.1 CPU Monitor	220
15.1.2 Memory Monitor	221
15.2 Log	222
15.2.1 Log Table	223
15.2.2 Local Log	224
15.2.3 Remote Log	224
15.2.4 Backup Log	225
15.3 Device Diagnostics	226
15.3.1 Cable Test	226
15.4 Network Diagnostics	227
15.4.1 Ping	227
15.4.2 Tracert	228
Appendix A: Specifications	229

Match case Limit results 1 per page

169

Step

Operation

Description

Configure the 802.1X globally.

Required. By default, the global 802.1X function is

disabled. On the

Network Security

→

802.1X

→

Global

Config

page, configure the 802.1X function globally.

Configure the 802.1X for the

port.

Required. On the

Network Security

→

802.1X

→

Port

Config

page, configure the 802.1X feature for the port of

the switch basing on the actual network.

Connect

authentication

server to the switch and do

some configuration.

Required. Record the information of the client in the LAN

the

authentication

server

and

configure

the

corresponding authentication username and password for

the client.

Enable

the

AAA

function

globally.

Required. On the

Network Security

→

AAA

→

Global

Conifg

page, enable the AAA function globally.

Configure the parameters of

the authentication server.

Required. On the

Network Security

→

AAA

→

RADIUS

Server Conifg

page, configure the parameters of the

RADIUS server.

Note:

The 802.1X function takes effect only when it is enabled globally on the switch and for the

port.

The 802.1X function cannot be enabled for LAG member ports. That is, the port with 802.1X

function enabled cannot be added to the LAG.

The 802.1X function should not be enabled for the port connected to the authentication

server.

12.6

AAA



Overview

AAA stands for authentication, authorization and accounting. This feature is used to authenticate

users trying to log in to the switch or trying to access the administrative level privilege.

Username and password pairs are used for login and privilege authentication. The authentication

can be processed locally in the switch or centrally in the RADIUS/TACACS+ server(s). The local

authentication username and password pairs can be configured in

4.2 User Management



Applicable Access Application

The authentication can be applied on the following access applications: Console, Telnet, SSH and

HTTP.



Authentication Method List

A method list describes the authentication methods and their sequence to authenticate a user. The

switch supports Login List for users to gain access to the switch, and Enable List for normal users

to gain administrative privileges.

The administrator can set the authentication methods in a preferable order in the list. The switch

uses the first listed method to authenticate users, if that method fails to respond, the switch selects

the next authentication method in the method list. This process continues until there is a

successful communication with a listed authentication method or until all defined methods are

exhausted. If authentication fails at any point in this circle, which means the secure server or the