TP-Link TL-SG3210XHP-M2 Omada SDN Controller Software 4.1.5Windows/Linux User
TP-Link TL-SG3210XHP-M2 Manual
View all TP-Link TL-SG3210XHP-M2 manuals
Add to My Manuals
Save this manual to your list of manuals |
TP-Link TL-SG3210XHP-M2 manual content summary:
- TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 1
User Guide Omada SDN Controller 1910012864 REV4.0.1 August 2020 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 2
More Information ■ For technical support, the latest version of the User Guide and other information, please visit https://www.tp-link.com/support. ■ To ask questions, find answers, and communicate with TP-Link users or engineers, please visit https://community.tp-link.com to join TP-Link Community. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 3
CONTENTS About this Guide Omada SDN Controller Solution Overview Overview of Omada SDN Controller Solution...2 Navigate the UI...44 Modify the Current Site Configuration...47 Site Configuration...47 Services...47 Advanced Features...50 Device Account...52 Configure Wired Networks...53 Set Up - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 4
114 Create Profiles...141 Time Range...141 Groups...143 Authentication...147 Portal...147 802.1X...178 MAC-Based Authentication...181 RADIUS Profile...182 Services...185 Dynamic DNS...185 SNMP...187 UPnP...188 SSH...189 Reboot Schedule...189 PoE Schedule...190 Export Data...191 Configure the Omada - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 5
HTTPS Certificate...198 Access Port Config...198 Manage Your Controller Remotely via Cloud Access 200 Maintenance...202 Controller Status...202 User Interface...202 Backup & Restore...204 Migration...205 Site Migration...205 Controller Migration...210 Auto Backup...217 Configure and Monitor Omada - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 6
Explanation of Widgets...290 View the Statistics of the Network...298 Performance...298 Switch Statistics ...301 Speed Test Statistics...303 Monitor the Network with Map...305 Topology...305 Map...307 View the Statistics During Specified Period with Insight 310 Known Clients...310 Past Portal - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 7
enterprise networks comprised of security gateways, switches, and wireless access points. With a reliable network management platform powered by TP-Link Omada SDN Controller, you can develop comprehensive, software-defined networking across demanding, high-traffic environments with robust wired and - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 8
Chapter 1 Omada SDN Controller Solution Overview 1. 1 Overview of Omada SDN Controller Solution Omada SDN Controller Solution is designed to provide business-class networking solutions for demanding, high-traffic environments such as campuses, hotels, malls, and offices. Omada SDN Controller - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 9
advanced business networks. ■ Access Points (Omada EAPs)-satisfy the mainstream Wi-Fi Standard and address your highdensity access needs with TP-Link's innovation to help you build the versatile and reliable wireless network for all business applications. Omada SDN Controller Tailored to different - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 10
Omada Access Points ■ Omada Cloud-Based Controller Omada Cloud controller is deployed on the Omada Cloud server, providing paid service with tiered pricing. With a paid subscription to the Omada Cloud Service, you need not purchase an additional hardware device or install the software on the host. 4 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 11
of network management. In this guide, Omada Software Controller, Omada Hardware Controller, and Omada Cloud-Based Controller are referred to as the controller, unless we mention otherwise. Omada Managed Gateways TP-Link's SafeStream VPN Router supports Gigabit Ethernet connections on both WAN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 12
Chapter 1 Omada Supported Switches Omada SDN Controller Solution Overview TL-SG2210MP V1 (default factory version or above) TL-SG2428P V1 (default factory version or above) TL-SG2008P V1 ( - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 13
Omada Access Points Omada SDN Controller Solution Overview TP-Link's Omada Access Point provides business-class Wi-Fi points which can be managed by the controller. Omada Supported APs EAP660 HD V1 (default factory version or above) EAP620 HD V1 (default factory version or above) EAP265HD V1 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 14
2 Get Started with Omada SDN Controller This chapter guides you on how to get started with Omada SDN Controller to configure the network. Omada Software Controller, Omada Hardware Controller, and Omada Cloud-Based Controller - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 15
Switches Access Points Omada Software Controller Omada Access Points Note: When using Omada SDN Controller, we recommend that you deploy the full Omada topology with supported TP-Link devices. If you use third-party devices, Omada SDN Controller cannot discover and manage them. 9 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 16
11 (or above). ■■ Install Omada Software Controller Download the installation file of Omada Software Controller from the website. Then follow the instructions to properly install the Omada Software Controller. After a successful installation, a shortcut icon of the Omada Software Controller will be - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 17
your operating system from the website and follow the instructions to install the JRE. For Ubuntu16.04 or jsvc or curl installed, you can install it manually with the command: apt-get install or yum use the command: apt-get -f install to fix the problem. • Install the .tar.gz file 1. Make sure your - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 18
Omada Software Controller Launch Omada Software Controller and follow the instructions to complete the basic configurations, and then you can log in the address bar. • If your web browser opens but prompts a problem with the website's security certificate, click Continue. • Only one Omada Controller - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 19
Chapter 2 Get Started with Omada SDN Controller Do the Basic Configurations In the web browser, you can see the configuration page. Follow the setup wizard to complete the basic settings for Omada Controller. 1. Click Let's Get Started. 2. Specify a name for Omada Controller, and set your region - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 20
Chapter 2 Get Started with Omada SDN Controller 3. The setup page displays all the discovered devices in the network. Select one or more devices to be managed and click Next. 4. Set a wireless network name (SSID) and password for the EAPs to be managed. Omada Controller will create two wireless - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 21
Get Started with Omada SDN Controller 6. If you want to access the controller to manage networks remotely, enable the Cloud Access button, and bind your TP-Link ID to your Omada Controller, and then click Next. If not, click Next directly. For more details about Omada Cloud, please refer to Omada - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 22
to log in to the Omada Controller and manage EAPs. Or you can log in to Omada Controller using other management devices through Omada Cloud service. 16 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 23
Hardware Controller Omada Access Points Note: When using Omada SDN Controller, we recommend that you deploy the full Omada topology with supported TP-Link devices. If you use third-party devices, Omada SDN Controller cannot discover and manage them. 2. 2. 2 Deploy Omada Hardware Controller Omada - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 24
Chapter 2 2. 2. 3 Start and Log in to the Controller Get Started with Omada SDN Controller Log In to the Management Interface Follow the steps below to enter the management interface of Omada Hardware Controller: 1. Make sure that your management device has the route to access the controller. 2. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 25
Chapter 2 Get Started with Omada SDN Controller 2. Specify a name for Omada Controller, and set your region and timezone. Then select the application scenario depending on your needs. Click Next. 3. The setup page displays all the discovered devices in the network. Select one or more devices to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 26
a mail server, refer to Notifications. 6. If you want to access the controller to manage networks remotely, enable the Cloud Access button, and bind your TP-Link ID to your Omada Controller, and then click Next. If not, click Next directly. For more details about Omada Cloud, please refer to Omada - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 27
to log in to the Omada Controller and manage EAPs. Or you can log in to Omada Controller using other management devices through Omada Cloud service. 21 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 28
you have identified these requirements, follow the steps below to initially set up Omada Cloud-Based Controller: 1 ) Create a TP-Link ID. 2 ) Subscribe to Omada Cloud Service. 3 ) Start and log in to the controller. The get-started configuration steps of Omada Cloud-Based Controller are similar - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 29
3 Manage Omada Managed Devices and Sites Start managing your network by creating sites and adopting devices so that you can configure and monitor your devices centrally while keeping things organized. The chapter includes the following sections: • Create Sites • Adopt Devices - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 30
Chapter 3 3. 1 Create Sites Manage Omada Managed Devices and Sites Overview Different sites are logically separated network locations, like different subsidiary companies or departments. It's best practice to create one site for each LAN (Local Area Network) and add all the devices within the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 31
Chapter 3 Manage Omada Managed Devices and Sites Create a Site View and Edit the Site Go Into the Site To create a site, choose one from the following methods according to your needs. ■■ Create a site from scratch 1. Click + Add New Site in the drop-down list of Sites. Alternatively, click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 32
Chapter 3 Manage Omada Managed Devices and Sites ■■ Import a site from another controller If you want to migrate seamlessly from an old controller to a new one, import the site configuration file of the old controller into the new. Before that, you need to export the site configuration file from - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 33
Chapter 3 Manage Omada Managed Devices and Sites 1. Select the site from the drop-down list of Sites to go into the site. 2. The Site field indicates the site which you are currently in. Some configuration items in the menu are applied to the site which you are currently in, whereas others are - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 34
Chapter 3 3. 2 Adopt Devices Manage Omada Managed Devices and Sites Overview After you create a site, add your devices to the site by making the controller adopt them. Make sure that your devices in each LAN are added to the corresponding site so that they can be managed centrally. Site C LAN 3 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 35
Chapter 3 Manage Omada Managed Devices and Sites Prepare for Communication Prepare for Device Discovery Adopt the Devices Note: If the controller and devices are in the same LAN, subnet and VLAN, skip this step. Make sure that the controller can communicate with the devices. Otherwise, the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 36
Chapter 3 Manage Omada Managed Devices and Sites 1. Set up the Network ■■ Scenario 1: Across VLANs or Subnets As shown in the following figures, the controller and devices are in different VLANs or subnets. You need to set up a layer 3 interface for each VLAN or subnet, and make sure the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 37
Chapter 3 Manage Omada Managed Devices and Sites • Use Port Forwarding Configure Port Forwarding on Gateway B and open port 29810-29813 for the controller, which are essential for discovering and adopting devices. If you are using firewalls in the networks, make sure that the firewalls don't block - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 38
Chapter 3 Manage Omada Managed Devices and Sites as Interface, disable DMZ, specify 29810-29813 as Source Port and Destination Port, specify the controller's IP address as Destination IP, and select All as Protocol. Then click Create. 32 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 39
• Use VPN Set up a VPN connection between Gateway A and Gateway B in Standalone Mode. For details about VPN configuration, refer to the User Guide of the gateways. Internet VPN VPN Connection Gateway A VPN Gateway B Switch AP AP LAN 1 Omada SDN Controller Site Unified Management from One - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 40
Chapter 3 Manage Omada Managed Devices and Sites IP as the IP address of the controller (if you have configured Port Forwarding on the controller side, use the public WAN IP address of the gateway instead). Then click Ping. If the ping result shows the packets are received, it implies that the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 41
Chapter 3 Manage Omada Managed Devices and Sites IP Address as the controller's URL or IP address (if you have configured Port Forwarding on the controller side, use the public WAN IP address of the gateway instead). Then click Apply. ■■ Discovery Utility Discovery Utility can discover the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 42
Chapter 3 Manage Omada Managed Devices and Sites 2. Open Discovery Utility and you can see a list of devices. Select the devices to be adopted and click Batch Setting. 3. Specify Controller Hostname/IP as the IP address of the controller (if you have configured Port Forwarding on the controller - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 43
Chapter 3 Manage Omada Managed Devices and Sites enter the username and password of the devices. By default, the username and password are both admin. Then click Apply. Wait until the setting succeeds. ■■ DHCP Option 138 DHCP Option 138 informs a DHCP client, such as a switch or an EAP, of the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 44
Chapter 3 Manage Omada Managed Devices and Sites 138 as the controller's IP address (if you have configured Port Forwarding on the controller side, use the public WAN IP address of the gateway instead). Click Save. 3. To make DHCP Option 138 take effect, you need to renew DHCP parameters for the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 45
Chapter 3 Manage Omada Managed Devices and Sites Prepare for Communication Prepare for Device Discovery Adopt the Devices 1. Decide which site you want to add the devices to. On the controller configuration page, select the site from the drop-down list of Sites. 2. Go to Devices, and devices - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 46
Chapter 3 3. 3. 2 For Omada Cloud-Based Controller To adopt the devices on the controller, follow these steps: 1 ) Connect to the internet. 2 ) Prepare for controller management. 3 ) Adopt the devices. Manage Omada Managed Devices and Sites Connect to the Internet Prepare for Controller - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 47
devices to be adopted by Omada CloudBased Controller. Make sure Cloud-Based Controller Management is enabled on the devices. For details, refer to the User Guide of your devices, which can be downloaded from the TP-Link download center. 41 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 48
Chapter 3 Manage Omada Managed Devices and Sites Let's take a switch for example. Log into the web page of the switch in Standalone Mode. Go to SYSTEM > Controller Settings to load the following page. In Cloud-Based Controller Management, enable CloudBased Controller Management and click Apply. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 49
4 Configure the Network with Omada SDN Controller This chapter guides you on how to configure the network with Omada SDN Controller. As the • Configure Wired Networks • Configure Wireless Networks • Network Security • Transmission • Configure VPN • Create Profiles • Authentication • Services - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 50
monitor your network, it is helpful to familiarize yourself with the most commonly-used elements of the Controller UI that are frequently referenced in this guide. The Controller UI is grouped into task-oriented menus, which are located in the top right-hand corner and the left-hand navigation bar - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 51
UI depending on your needs. For details, refer to Maintenance About: Click to display the controller version. Tutorial: Click to view the quick Getting Started guide which demonstrates the navigation and tools available for the controller. 45 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 52
location for a visual representation of your network. Devices displays all TP-Link devices discovered on the site and their general information. This list Insight displays a list of statistics of your network device, clients and services during a specified period. You can change the range of date in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 53
the site. Specify the application scenario of the site. To customize your scenario, click Create New Scenario in the drop-down list. 4. 2. 2 Services Overview In Services, you can view and modify the features applied to devices on the current site. Most features are applied to all devices, such as - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 54
> Site, and configure the following features for the current site in Services. Click Save. LED Automatic Upgrades Channel Limit Mesh Auto Failover Enable or EU countries. (For EAP225/EAP245/EAP225-Outdoor) When enabled, EAPs supporting Mesh can establish the mesh network at the site. (For APs in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 55
Detection when mesh is enabled. In a mesh network, the APs can send ARP request packets to a fixed IP address to test the connectivity. If the link fails, the status of these APs will change to Isolated. Auto (Recommended): Select this method and the mesh APs will send ARP request packets to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 56
with the WLAN knowledge. If you are not sure about your network conditions and the potential impact of all settings, keep Advanced Features disabled in Services to use their default configurations. Configuration Select a site from the drop down list of Sites in the top-right corner, go to Settings - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 57
disabled, the AP only issues an 802.11v roaming suggestion when a client's link quality drops below the predefined threshold and there is a better option of AP, Steering can improve the network performance because the 5 GHz band supports a larger number of non-overlapping channels and is less - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 58
Chapter 4 Beacon Control Configure the Network with Omada SDN Controller Beacons are transmitted periodically by the EAP to announce the presence of a wireless network for the clients. Click , select the band, and configure the following parameters of Beacon Control. Beacon Interval: Specify how - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 59
Chapter 4 Configure the Network with Omada SDN Controller 4. 3 Configure Wired Networks Wired networks enable your wired devices and clients including the gateway, switches, EAPs and PCs to connect to each other and to the internet. As shown in the following figure, Wired Networks consist of two - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 60
WAN ports is decided by WAN Mode. Go to Settings > Wired Networks > Internet. For WAN connections, choose a Connection Type according to the service provided by your ISP. Connection Type Dynamic IP: If your ISP automatically assigns the IP address and the corresponding parameters, choose Dynamic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 61
Chapter 4 Configure the Network with Omada SDN Controller ■■ Dynamic IP 1. Choose Connection Type as Dynamic IP and configure the following parameters. MAC Address Use Default MAC Address: The WAN port uses the default MAC address to set up the internet connection. It's recommended to use the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 62
Add the WAN port to a VLAN and you need to specify the VLAN. Generally, you don't need to manually configure it unless required by your ISP. QoS Tag The QoS (Quality of Service) function helps to prioritize the internet traffic based on your needs. You can determine the priority level for the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 63
Chapter 4 Configure the Network with Omada SDN Controller ■■ Static IP 1. Choose Connection Type as Static IP and configure the following parameters. IP Address Subnet Mask Default Gateway MAC Address Enter the IP address provided by your ISP. Enter the subnet mask provided by your ISP. Enter - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 64
Add the WAN port to a VLAN and you need to specify the VLAN. Generally, you don't need to manually configure it unless required by your ISP. QoS Tag The QoS (Quality of Service) function helps to prioritize the internet traffic based on your needs. You can determine the priority level for the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 65
Chapter 4 Configure the Network with Omada SDN Controller ■■ PPPoE 1. Choose Connection Type as Static IP and configure the following parameters. Username Password MAC Address Enter the PPPoE username provided by your ISP. Enter the PPPoE password provided by your ISP. Use Default MAC Address: - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 66
Chapter 4 Configure the Network with Omada SDN Controller 2. Click + Advanced Settings and configure the following parameters. Then click Apply. 60 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 67
Add the WAN port to a VLAN and you need to specify the VLAN. Generally, you don't need to manually configure it unless required by your ISP. QoS Tag The QoS (Quality of Service) function helps to prioritize the internet traffic based on your needs. You can determine the priority level for the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 68
Chapter 4 Configure the Network with Omada SDN Controller ■■ L2TP Choose Connection Type as L2TP and configure the following parameters. Then click Apply. Username Password Enter the L2TP username provided by your ISP. Enter the L2TP password provided by your ISP. 62 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 69
1460. Add the WAN port to a VLAN and you need to specify the VLAN. Generally, you don't need to manually configure it unless required by your ISP. The QoS (Quality of Service) function helps to prioritize the internet traffic based on your needs. You can determine the priority level for the traffic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 70
Chapter 4 Configure the Network with Omada SDN Controller ■■ PPTP Choose Connection Type as PPTP and configure the following parameters. Then click Apply. Username Password VPN Server / Domain Name Get IP address from ISP Primary DNS Server / Secondary DNS Server Enter the PPTP username provided - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 71
1420. Add the WAN port to a VLAN and you need to specify the VLAN. Generally, you don't need to manually configure it unless required by your ISP. The QoS (Quality of Service) function helps to prioritize the internet traffic based on your needs. You can determine the priority level for the traffic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 72
address ( or destination port) will be forwarded to the recorded WAN port. This feature ensures that multi-connected applications work properly. Link Backup With Link Backup enabled, the router will switch all the new sessions from dropped lines automatically to another to keep an always on-line - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 73
Chapter 4 4. 3. 2 Configure LAN Networks Configure the Network with Omada SDN Controller Overview The LAN function allows you to configure wired internal network. Based on 802.1Q VLAN, Omada Controller provides a convenient and flexible way to separate and deploy the network. The network can be - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 74
Chapter 4 Purpose Configure the Network with Omada SDN Controller Interface: Create the network with a Layer 3 interface, which is required for inter-VLAN routing. VLAN: Create the network as a Layer 2 VLAN. 3. Configure the parameters according to the purpose for the network. ■■ Interface LAN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 75
. It uses the IP address specified in the Gateway/Subnet entry as the DNS server address. Manual: Specify DNS servers manually. Enter the IP address of a server in each DNS server field. Specify how long a 66. It specifies the TFTP server information and supports a single TFTP server IP address. 69 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 76
Chapter 4 Option 138 ■■ VLAN Configure the Network with Omada SDN Controller Enter the value for DHCP Option 138. It is used in discovering the devices by the Omada controller. VLAN IGMP Snooping Legal DHCP Servers Enter a VLAN ID with the values between 1 and 4090. Each VLAN can be uniquely - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 77
Chapter 4 Configure the Network with Omada SDN Controller Create a Network Create a Port Profile Assign the Port Profile to the Ports Note: • Three default port profiles are preconfigured on the controller. They can be viewed, but not edited or deleted. All: In the All profile, all networks - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 78
Chapter 4 Configure the Network with Omada SDN Controller 2. Click + Create New Port Profile to load the following page, and configure the following parameters. 72 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 79
Unauthorized: The port remains in the unauthorized state, ignoring all attempts by the client to authenticate. The switch cannot provide authentication services to the client through the port. Click the checkbox to enable Port Isolation. An isolated port cannot communicate directly with any other - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 80
Ingress Rate Limit Egress Rate Limit Broadcast Threshold Multicast Threshold UL-Frame Threshold Action Click the checkbox to enable LLDP-MED (Link Layer Discovery Protocol-Media Endpoint Discovery) for device discovery and auto-configuration of VoIP devices. Select the type of Bandwidth Control - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 81
Chapter 4 Configure the Network with Omada SDN Controller Create a Network Create a Port Profile Assign the Port Profile to the Ports Note: By default, there is a port profile named All, which is assigned to all switch ports by default. In the All profile, all networks except the default - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 82
Chapter 4 Configure the Network with Omada SDN Controller 4. 4 Configure Wireless Networks Wireless networks enable your wireless clients to access the internet. Once you set up a wireless network, your EAPs typically broadcast the network name (SSID) in the air, through which your wireless - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 83
Chapter 4 Configure the Network with Omada SDN Controller 3. (Optional) If you want to create a new WLAN group based on an existing one, check Copy All SSIDs from the WLAN Group and select the desired WLAN group. Then you can further configure wireless networks based on current settings. 4. Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 84
Chapter 4 Configure the Network with Omada SDN Controller 2. Click + Create New Wireless Network to load the following page. Configure the basic parameters for the network. Network Name (SSID) Enter the network name (SSID) to identify the wireless network. The users of wireless clients choose to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 85
Chapter 4 Configure the Network with Omada SDN Controller ■■ WEP Traffic is encrypted with a WEP Key, which you need to specify. WEP is not recommended because it's insecure. ■■ WPA-Personal Traffic is encrypted with a Security Key, which you need to specify. WPA-Personal is more secure than WEP. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 86
Chapter 4 Configure the Network with Omada SDN Controller Select a RADIUS Profile, which records the settings of the authentication server and accounting server. You can create a RADIUS Profile by clicking + Create New Radius Profile from the drop-down list of RADIUS Profile. For details, refer to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 87
Chapter 4 Configure the Network with Omada SDN Controller ■■ Apply to a Single EAP Go to Devices, select the EAP which you want to apply the WLAN group to. In the Properties window, go to Config > WLANs, select the WLAN group which you want to apply to the EAP. ■■ Apply to EAPs in batch 1. Go to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 88
SSID. With SSID Broadcast disabled, users of wireless clients must enter the SSID manually to connect to the wireless network. To set a wireless VLAN for the IDs. Then the EAPs work together with the switches which also support 802.1Q VLAN, to distribute the traffic to different VLANs according - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 89
Chapter 4 Configure the Network with Omada SDN Controller WEP Mode If you select WEP as the security strategy, you can select the WEP Mode including the WEP authentication type, the WEP key format, and the WEP key length. Select the WEP authentication type. Open System: Wireless clients can pass - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 90
Chapter 4 4. 4. 3 WLAN Schedule Configure the Network with Omada SDN Controller Overview WLAN Schedule can turn on or off your wireless network in the specific time period as you desire. Configuration Go to Settings > Wireless Networks, click in the ACTION column of the wireless network which you - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 91
Chapter 4 Configure the Network with Omada SDN Controller GHz band to enable minimum data rate control according to your needs, move the slider to determine what bit rates your wireless network allows, and configure the parameters. Then click Apply. Disable CCK Rates (1/2/5.5/11 Mbps) Select - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 92
Chapter 4 Configure the Network with Omada SDN Controller Configuration Go to Settings > Wireless Networks, click in the ACTION column of the wireless network which you want to configure, and click + MAC Filter to load the following page. Enable MAC Filter and configure the parameters .Then click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 93
Network Security is a portfolio of features designed to improve the usability and ensure the safety of your network and data. Network security services include ACL, URL Filtering, and Attack Defense, which implement policies and controls on multiple layers of defenses in the network. 4. 5. 1 ACL - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 94
Chapter 4 Configure the Network with Omada SDN Controller 2 ) Define packet-filtering criteria of the rule, including protocols, source, and destination, and determine whether to forward the matched packets. ■■ Configuring Gateway ACL 1. Go to Settings > Network Security > ACL. On Gateway ACL tab - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 95
Chapter 4 Configure the Network with Omada SDN Controller 2. Define packet-filtering criteria of the rule, including protocols, source, and destination, and determine whether to forward the matched packets. Refer to the following table to configure the required parameters and click Apply. Name - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 96
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring Switch ACL 1. Go to Settings > Network Security > ACL. Under the Switch ACL tab, click the following page. to load 90 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 97
Chapter 4 Configure the Network with Omada SDN Controller 2. Define packet-filtering criteria of the rule, including protocols, source, and destination, and determine whether to forward the matched packets. Refer to the following table to configure the required parameters. Name Status Enter a - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 98
Chapter 4 Configure the Network with Omada SDN Controller IP-Port Group MAC Group Select the IP-Port Group you have created. If no IP-Port Groups have been created, click +Create on this page or go to Settings > Profiles > Groups to create one. The switch will examine whether the destination IP - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 99
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring EAP ACL 1. Go to Settings > Network Security > ACL. Under the EAP ACL tab, click the following page. to load 2. Define packet-filtering criteria of the rule, including protocols, source, and destination, and determine - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 100
Chapter 4 Configure the Network with Omada SDN Controller Policy Protocols Select the action to be taken when a packet matches the rule. Permit: Forward the matched packet. Deny: Discard the matched packet. Select one or more protocol types to which the rule applies from the drop-down list. The - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 101
Chapter 4 4. 5. 2 URL Filtering Configure the Network with Omada SDN Controller Overview URL Filtering allows a network administrator to create rules to block or allow certain websites, which protects it from web-based threats, and deny access to malicious websites. In URL filtering, the system - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 102
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring Gateway Rules 1. Go to Settings > Network Security > URL Filtering. Under the Gateway Rules tab, click to load the following page. 2. Define filtering criteria of the rule, including source and URLs, and determine whether to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 103
URL address should be given in a valid format. The URL which contains a wildcard(*) is supported. One URL with a wildcard(*) can match mutiple subdomains. For example, with *.tp-link.com specified, community.tp-link.com will be matched. ■■ Configuring EAP Rules 1. Go to Settings > Network Security - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 104
(*) is supported. One URL with a wildcard(*) can match mutiple subdomains. For example, with *.tp-link.com specified, community.tp-link.com will target device is busy with these fake packets and cannot process normal services. Flood Defense detects flood packets in real time and limits the receiving - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 105
large number of UDP packets to a target host in a short time, the target host is busy with these UDP packets and cannot process normal services. With this feature enabled, the gateway limits the rate of receiving UDP packets from all the clients to the specified rate. Multi-Connections ICMP Flood - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 106
large number of UDP packets to a target host in a short time, the target host is busy with these UDP packets and cannot process normal services. With this feature enabled, the gateway limits the rate of receiving UDP packets from a single client to the specified rate. Stationary Source ICMP Flood - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 107
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring Packet Anomaly Defense Go to Settings > Network Security > Attack Defense. In the Packet Anomaly Defense, click the checkbox and set the corresponding limit of the rate at which specific packets are received. Block Fragment - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 108
request from WAN. Block WinNuke Attack With this option enabled, the router will block WinNuke attacks. WinNuke attack refers to a remote DoS (denial-of-service) attack that affects some Windows operating systems, such as the Windows 95. The attacker sends a string of OOB (Out of Band) data to the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 109
Chapter 4 Configure the Network with Omada SDN Controller 4. 6 Transmission Transmission helps you control network traffic in multiple ways. You can add policies and rules to control transmission routes and limit the session and bandwidth. 4. 6. 1 Routing Overview ■■ Static Route Network traffic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 110
Chapter 4 Configure the Network with Omada SDN Controller Destination IP/Subnet Route Type Metric Destination IP/Subnet identifies the network traffic which the Static Route entry controls. Specify the destination of the network traffic in the format of 192.168.0.1/24. You can click + Add Subnet - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 111
Chapter 4 Configure the Network with Omada SDN Controller ■■ Policy Routing 1. Go to Setting > Transmission > Routing > Policy Routing. Click + Create New Routing to load the following page and configure the parameters. Name Status Protocols WAN Enter the name to identify the Policy Routing - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 112
the entry. 4. 6. 2 NAT Overview ■■ Port Forwarding You can configure Port Forwarding to allow internet users to access local hosts or use network services which are deployed in the LAN. Port Forwarding helps establish network connections between a host on the internet and the other in the LAN by - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 113
Chapter 4 Configuration Configure the Network with Omada SDN Controller ■■ Port Forwarding 1. Go to Setting > Transmission > NAT > Port Forwarding. Click + Create New Rule to load the following page and configure the parameters. Name Status Source IP Interface DMZ Enter the name to identify the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 114
Chapter 4 Source Port Destination IP Destination Port Protocol Configure the Network with Omada SDN Controller The gateway uses the Source Port to receive the traffic from the internet. Only the traffic which matches the Source Port and the Protocol is forwarded. The traffic is forwarded to the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 115
Chapter 4 H.323 ALG PPTP ALG SIP ALG IPsec ALG Configure the Network with Omada SDN Controller H.323 ALG allows the IP phones and multimedia devices to set up connections using the H.323 protocol in one of the following scenarios: •• One of the endpoints is in the LAN, while the other is on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 116
Chapter 4 Configure the Network with Omada SDN Controller 2. In Session Limit Rule List, click + Create New Rule to load the following page and configure the parameters. Name Status Source Type Maximum Sessions Enter the name to identify the Session Limit rule. Enable or disable the Session - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 117
Chapter 4 Configure the Network with Omada SDN Controller Configuration 1. Go to Setting > Transmission > Bandwidth Control. In Bandwidth Control, enable Bandwidth Control globally and configure the parameters. Then click Apply. Threshold Control With Threshold Control enabled, Bandwidth - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 118
Chapter 4 Configure the Network with Omada SDN Controller 2. In Bandwidth Control Rule List, click + Create New Rule to load the following page and configure the parameters. Name Enter the name to identify the Bandwidth Control rule. Status Enable or disable the Bandwidth Control rule. Source - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 119
Chapter 4 Mode Configure the Network with Omada SDN Controller Specify the bandwidth control mode for the specific local hosts. Shared: The total bandwidth for all the local hosts is equal to the specified values. Individual: The bandwidth for each local host is equal to the specified values. 3. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 120
, data transmission and data decompression via the tunneling protocol. The gateway supports common tunneling protocols that a VPN uses to keep the data secure: ■■ IPsec IPsec (IP Security) can provide security services such as data confidentiality, data integrity and data authentication at the IP - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 121
from site B to site A, and nothing is needed to be configured on site B. • Manual IPsec You create an IPsec VPN tunnel between two peer routers over internet manually, from a local router to a remote router that supports IPsec. Omada managed gateway on this site is the local peer router. ■■ Client - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 122
Chapter 4 Configure the Network with Omada SDN Controller When the remote user's gateway works as the VPN client, the gateway helps create VPN tunnels between its connected hosts and the VPN server. The gateway which functions as a VPN client can use L2TP, PPTP, or OpenVPN as the tunneling - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 123
creates an IPsec VPN tunnel between two sites on the same controller. Manual IPsec VPN You manually create an IPsec VPN tunnel between two peer routers over internet, from a local router to a remote router that supports IPsec. Client-to-Site VPN Gateway (Client) Remote User Internet Gateway - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 124
protocol and configure the VPN policy based on the protocol. ■■ Configuring Site-to-Site VPN Omada managed gateway supports two types of Site-to-Site VPNs: Auto IPsec and Manual IPsec. • Configuring Auto IPsec VPN 1. Go to Settings > VPN. Click to load the following page. 2. Enter a name to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 125
Chapter 4 • Configuring Manual IPsec VPN 1. Go to Settings > VPN. Click Configure the Network with Select the purpose for the VPN as Site-to-Site VPN. VPN Type Select the VPN type as Manual IPsec. Status Click the checkbox to enable the VPN policy. Remote Gateway Enter an IP address or a - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 126
Chapter 4 Pre-Shared Key WAN Configure the Network with Omada SDN Controller Enter the pre-shared key(PSK). Both peer gateways must use the same pre-shared secret key for authentication. A pre-shared key is a string of characters that is used as an authentication key. Both peer gateways create a - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 127
Chapter 4 Configure the Network with Omada SDN Controller 3. Click Advanced Settings to load the following page. Advanced settings include Phase-1 settings and Phase-2 settings. Phase-1 is used to set up a secure encrypted channel which the two peers can negotiate Phase-2, and then establish the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 128
Select the version of Internet Key Exchange (IKE) protocol which is used to set up security associations for IPsec. Both IKEv1 and IKEv2 are supported with Omada managed gateways, but IKEv1 is available only when the VPN policy is applied to a single Remote Subnet and a single Local Network. Note - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 129
Chapter 4 Configure the Network with Omada SDN Controller Local ID Type Local ID Remote ID Type Remote ID SA Lifetime DPD DPD Interval Specify the type of Local ID which indicates the authentication identifier sent to the peer for IKE negotiation. IP Address: Select IP Address to use the IP - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 130
) Lifetime in IKE negotiation. If the SA lifetime expired, the related IPsec SA will be deleted. ■■ Configuring Client-to-Site VPN Omada managed gateway supports seven types of client-to-Site VPNs depending on the role of your Omada managed gateway and the protocol that you used: Configuring the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 131
use the same pre-shared secret key for authentication. WAN Select the WAN port on which the L2TP VPN tunnel is established. Each WAN port supports only one L2TP VPN tunnel when the gateway works as a L2TP server. IP Pool Enter the IP address and subnet mask to decide the range - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 132
Maximum Connections. Network Extension Mode: This mode allows only clients from the configured subnet to connect to the server and obtain VPN services. With this mode selected, specify the subnet in Remote Subnets. Maximum Connections With Client mode selected, set maximum number of concurrent VPN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 133
Chapter 4 Configure the Network with Omada SDN Controller To edit or delete the L2TP users, click the icon in the Action column. View and edit the account information of users. Delete the L2TP user. • Configuring the gateway as a VPN server using PPTP 1. Go to Settings > VPN. Click to load the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 134
networks. Select the WAN port on which the PPTP VPN tunnel is established. Each WAN port supports only one PPTP VPN tunnel when the gateway works as a PPTP server. Enter the IP address to connect to the server and obtain VPN services. With this mode selected, specify the subnet in Remote Subnets. 128 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 135
same account. Remote Subnets With Network Extension Mode selected, only clients from the configured subnet are allowed to connect to the server and obtain VPN services. Click to specify the subnet.. To edit or delete the PPTP users, click the icon in the Action column. View and edit the account - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 136
Chapter 4 VPN Type Status Remote Host Local Networks Pre-Shared Key WAN IP Pool Configure the Network with Omada SDN Controller Select the VPN type as VPN Server - IPsec. Click the checkbox to enable the VPN policy. Enter an IP address or a domain name of the host on the remote peer of the VPN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 137
Chapter 4 Configure the Network with Omada SDN Controller 3. Click Advanced Settings to load the following page. Advanced settings include Phase-1 settings and Phase-2 settings. Phase-1 is used to set up a secure encrypted channel which the two peers can negotiate Phase-2, and then establish the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 138
Select the version of Internet Key Exchange (IKE) protocol which is used to set up security associations for IPsec. Both IKEv1 and IKEv2 are supported with Omada managed gateways, but IKEv1 is available only when the VPN policy is applied to a single Remote Subnet and a single Local Network. Note - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 139
Chapter 4 Configure the Network with Omada SDN Controller Local ID Type Local ID Remote ID Type Remote ID SA Lifetime DPD DPD Interval Specify the type of Local ID which indicates the authentication identifier sent to the peer for IKE negotiation. IP Address: Select IP Address to use the IP - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 140
the VPN policy. Protocol Select the communication protocol for the gateway which works as an OpenVPN Server. Two communication protocols are available: TCP and UDP. Service Port Enter a VPN service port to which a VPN device connects. 134 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 141
VPN policy will be only applied to the selected local networks. Select the WAN port on which the VPN tunnel is established. Each WAN port supports only one OpenVPN tunnel when the gateway works as a OpenVPN server. Enter the IP address and subnet mask to decide the range of the VPN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 142
Chapter 4 Configure the Network with Omada SDN Controller • Configuring the gateway as a VPN client using L2TP 1. Go to Settings > VPN. Click to load the following page. 2. Enter a name to identify the VPN policy and select the purpose as Client-to-Site VPN. Refer to the following table to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 143
Chapter 4 Username Password IPsec Encryption Remote Server Remote Subnets Local Networks Pre-shared Key WAN Configure the Network with Omada SDN Controller Enter the username used for the VPN tunnel. This username should be the same as that of the L2TP server. Enter the password of user. This - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 144
Chapter 4 Configure the Network with Omada SDN Controller • Configuring the gateway as a VPN client using PPTP 1. Go to Settings > VPN. Click to load the following page. 2. Enter a name to identify the VPN policy and select the purpose as Client-to-Site VPN. Refer to the following table to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 145
Chapter 4 Configure the Network with Omada SDN Controller Username Password MPPE Encryption Remote Server Remote Subnets Local Networks WAN Enter the username used for the VPN tunnel. This username should be the same as that of the PPTP server. Enter the password of user. This password should be - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 146
Chapter 4 Configure the Network with Omada SDN Controller 2. Enter a name to identify the VPN policy and select the purpose as Client-to-Site VPN. Refer to the following table to configure the required parameters and click Create. Name Enter a name to identify the VPN policy. Purpose Select - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 147
Chapter 4 Configure the Network with Omada SDN Controller 4. 8 Create Profiles Profiles section is used to configure and record your custom settings for site configurations. It includes Time Range and Groups profiles. In Time Range section, you can configure time templates for wireless schedule, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 148
Chapter 4 Configure the Network with Omada SDN Controller 2. Enter a Name for the new entry, select the Day Mode, and specify the time range. Click Apply to save the entry. After saving the newly added entry, you can apply them to site configuration. To apply the customized time range profiles in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 149
Chapter 4 Delete the entry. Configure the Network with Omada SDN Controller 4. 8. 2 Groups Overview Groups section allows you to customize client groups based on IP, IP-Port, or MAC Address. You can set different rules for the groups profiles which can be shared and applied to ACL, Routing, NAT, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 150
Chapter 4 Configure the Network with Omada SDN Controller ■■ Based on IP Group To configure a group profile based on IP Group, you are required to specify the IP subnets, while subnet mask is optional. You can click +Add Subnet to add new subnets, and click to delete them. ■■ Based on IP-Port - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 151
Chapter 4 Configure the Network with Omada SDN Controller ■■ Based on MAC Group To configure a group profile based on MAC Group, you are required to enter MAC Address(es) in the MAC Addresses List. There are three ways to add MAC address(es) to the MAC Addresses List. Add MAC address singly. Add - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 152
Chapter 4 You can view the name, type, and count in the list. Configure the Network with Omada SDN Controller To view, edit or delete the group entry, click the icon in the Action column. View and edit the parameters in the entry. You cannot change the type when editing the entry. Delete the entry - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 153
Authentication, covering all the needs to authenticate both wired and wireless clients. 4. 9. 1 Portal Overview Portal authentication provides convenient authentication services to the clients that only need temporary access to the network, such as the customers in a restaurant or in a supermarket - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 154
Chapter 4 Configure the Network with Omada SDN Controller • Local User Clients are required to enter the correct username and password of the login account to pass the authentication. • SMS Clients can get verification codes using their mobile phones and enter the received codes to pass the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 155
Chapter 4 ■■ Configuring Portal with No Authentication 1. Go to Settings > Authentication > Portal. Click Configure the Network with Omada SDN Controller to enable Portal and load the following page. 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 156
Chapter 4 Landing Page Configure the Network with Omada SDN Controller Select which page the client will be redirected to after a successful authentication. The Original URL: Clients are directed to the URL they request for after they pass Portal authentication. The Promotional URL: Clients are - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 157
system language of the clients. If the language is not supported, the controller will use the default language specified here. Select entering the hexadecimal HTML color code manually or through the color picker. Click the checkbox and enter text as the terms of service in the following box. Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 158
Chapter 4 Configure the Network with Omada SDN Controller Click Advertisement Options and customize advertisement pictures on the authentication page. Advertisement Click the checkbox to enable the Advertisement feature. With this feature enabled, you can add advertisement pictures on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 159
Chapter 4 Configure the Network with Omada SDN Controller 4. In the Access Control section, configure access control rules including Pre-Authentication Access and Authentication-Free Policy if needed. Pre-Authentication Access Pre-Authentication Access List Authentication-Free Policy - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 160
Chapter 4 ■■ Configuring Portal with Simple Password 1. Go to Settings > Authentication > Portal. Click Configure the Network with Omada SDN Controller to enable Portal and load the following page. 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic parameters - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 161
Chapter 4 Configure the Network with Omada SDN Controller 3. In the Portal Customization section, customize the Portal page including the background picture, logo picture and so on. Type Select the type of the Portal page. Edit Current Page: Edit the related parameters to customize the portal - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 162
system language of the clients. If the language is not supported, the controller will use the default language specified here. Select entering the hexadecimal HTML color code manually or through the color picker. Click the checkbox and enter text as the terms of service in the following box. Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 163
Chapter 4 Configure the Network with Omada SDN Controller Click Advertisement Options and customize advertisement pictures on the authentication page. Advertisement Click the checkbox to enable the Advertisement feature. With this feature enabled, you can add advertisement pictures on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 164
Chapter 4 Configure the Network with Omada SDN Controller 4. In the Access Control section, configure access control rules including Pre-Authentication Access and Authentication-Free Policy if needed. Pre-Authentication Access Pre-Authentication Access List Authentication-Free Policy - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 165
Chapter 4 Configure the Network with Omada SDN Controller 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic parameters. SSID & LAN Network Authentication Type HTTPS Redirection Select one or more SSIDs or LAN networks for the portal. The clients connected - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 166
Chapter 4 Configure the Network with Omada SDN Controller • Configuring SMS Portal Select SMS and configure the required parameters in the SMS section. SMS Clients can get verification codes using their mobile phones and enter the received codes to pass the authentication. Twilio SID Enter the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 167
Chapter 4 Configure the Network with Omada SDN Controller • Configuring RADIUS Portal Select RADIUS and configure the required parameters in the RADIUS section. RADIUS RADIUS Profile Authentication Mode NAS ID Clients are required to enter the correct username and password which are stored in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 168
Chapter 4 Configure the Network with Omada SDN Controller 4. In the Portal Customization section, customize the Portal page including the background picture, logo picture and so on. Type Select the type of the Portal page. Edit Current Page: Edit the related parameters to customize the portal - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 169
system language of the clients. If the language is not supported, the controller will use the default language specified here. Select entering the hexadecimal HTML color code manually or through the color picker. Click the checkbox and enter text as the terms of service in the following box. Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 170
Chapter 4 Configure the Network with Omada SDN Controller Click Advertisement Options and customize advertisement pictures on the authentication page. Advertisement Click the checkbox to enable the Advertisement feature. With this feature enabled, you can add advertisement pictures on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 171
Chapter 4 Configure the Network with Omada SDN Controller 5. In the Access Control section, configure access control rules including Pre-Authentication Access and Authentication-Free Policy if needed. Pre-Authentication Access Pre-Authentication Access List Authentication-Free Policy - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 172
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring Portal with External RADIUS Server 1. Go to Settings > Authentication > Portal. Click to enable Portal and load the following page. 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 173
Chapter 4 RADIUS Profile NAS ID Authentication Mode Portal Customization HTTPS Redirection Landing Page Configure the Network with Omada SDN Controller Select the RADIUS profile you have created. If no RADIUS profiles have been created, click from the drop-down list or to create one. The - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 174
Chapter 4 Configure the Network with Omada SDN Controller 3. If you choose Local Web Portal which is provided by the built-in portal server of the controller, customize the Portal page in the Portal Customization section, including the background picture, logo picture and so on. Type Select the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 175
system language of the clients. If the language is not supported, the controller will use the default language specified here. Select entering the hexadecimal HTML color code manually or through the color picker. Click the checkbox and enter text as the terms of service in the following box. Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 176
Chapter 4 Configure the Network with Omada SDN Controller Click Advertisement Options and customize advertisement pictures on the authentication page. Advertisement Click the checkbox to enable the Advertisement feature. With this feature enabled, you can add advertisement pictures on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 177
Chapter 4 Configure the Network with Omada SDN Controller 4. In the Access Control section, configure access control rules including Pre-Authentication Access and Authentication-Free Policy if needed. Pre-Authentication Access Pre-Authentication Access List Authentication-Free Policy - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 178
Chapter 4 Configure the Network with Omada SDN Controller ■■ Configuring Portal with External Portal Server 1. Go to Settings > Authentication > Portal. Click to enable Portal and load the following page. 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 179
Chapter 4 Configure the Network with Omada SDN Controller 3. In the Access Control section, configure access control rules including Pre-Authentication Access and Authentication-Free Policy if needed. Pre-Authentication Access Pre-Authentication Access List Authentication-Free Policy - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 180
Chapter 4 ■■ Configuring Portal with Facebook 1. Go to Settings > Authentication > Portal. Click Configure the Network with Omada SDN Controller to enable Portal and load the following page. 2. Select the SSIDs and LAN networks for the portal to take effect on and configure basic parameters. SSID - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 181
page. The controller automatically adjusts the language displayed on the Portal page according to the system language of the clients. If the language is not supported, the controller will use the default language specified here. 175 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 182
can configure your desired text color for the welcome information by entering the hexadecimal HTML color code manually or through the color picker. Click the checkbox and enter text as the terms of service in the following box. Click the checkbox and enter text as the copyright in the following box - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 183
Chapter 4 Configure the Network with Omada SDN Controller Picture Resource Click and select pictures from your PC as the advertisement pictures. When several pictures are added, they will be played in a loop. Advertisement Duration Time Enter the duration time for the advertisement pictures. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 184
TP-Link 802.1X authentication client software on the client hosts, enabling them to request 802.1X authentication to access the LAN. ■■ Authenticator An authenticator is usually a network device that supports identity, 802.1X can also deliver customized services. For example, 802.1X and VLAN - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 185
Chapter 4 Configure the Network with Omada SDN Controller Configuration To complete the 802.1X configuration, follow these steps: 1 ) Click to enable 802.1X. 2 ) Select the RADIUS profile you have created and configure other parameters. 3 ) Select the ports on which 802.1X Authentication will - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 186
protocol (such as RADIUS) packets, and transmitted to the authentication server. To use this authentication mechanism, the RADIUS server should support EAP attributes. Authentication Type Select the 802.1X authentication type. Port Based: After a client connected to the port gets authenticated - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 187
Chapter 4 Configure the Network with Omada SDN Controller Enable 802.1X Configure RADIUS Profile and Parameters Select the Ports Select the ports to enable 802.1X authentication or MAB for them. To enable 802.1X authentication, click the unselected ports. 802.1X-enabled ports will be marked - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 188
. With this option disabled, the password will be the same as the username. 4. 9. 4 RADIUS Profile Overview RADIUS (Remote Authentication Dial In User Service) is a client/server protocol that provides for the AAA (Authentication, Authorization, and Accounting) needs in modern IT environments. 182 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 189
legal users. It authenticates users against the database when the users are requesting to access the network, and provides authorization and accounting services for them. A RADIUS profile records your custom settings of a RADIUS server. After creating a RADIUS profile, you can apply it to multiple - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 190
Chapter 4 Configure the Network with Omada SDN Controller Interim Update Click the checkbox to enable Interim Update. By default, the RADIUS accounting process needs only start and stop messages to the RADIUS accounting server. With Interim Update enabled, Omada devices will periodically send an - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 191
Network After: Remote User can simply use Domain Name to access Local Network through WAN Port. In this example, Domain Name is mysite.ddns.net. Service Provider Use Domain Name (mysite.ddns.net) to access Local Network. Remote User Internet Domain Name is constant: 2020/05/27: mysite.ddns.net - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 192
with Omada SDN Controller Prerequisite: Choose one Service Provider from the four that the controller supports, i.e. DynDNS, No-IP, Peanuthull, Comexe. Register at your Service Provider, then you get your Username and Password. Get your Domain Name from your Service Provider. How Dynamic DNS works - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 193
service provider. If you haven't registered at the service provider, click Go To Register. Enter your password for the service provider. Enter the Domain Name which is provided by your service NMS (Network Management Station). The controller supports multiple SNMP versions including SNMPv1, SNMPv2c - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 194
, the traffic between the endpoints of these applications can freely pass the gateway, thus realizing seamless connections. Configuration Go to Settings > Services > UPnP. Enable UPnP globally and configure the parameters. Then click Apply. Interface Networks Select the WAN port where UPnP takes - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 195
use an SSH terminal to manage devices which are managed by the controller, you can only get the User privilege. Configuration Go to Settings > Services > SSH. Enable SSH Login globally and configure the parameters. Then click Apply. SSH Server Port Layer 3 Accessibility Specify the SSH Sever Port - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 196
Chapter 4 Configure the Network with Omada SDN Controller Configuration 1. Go to Settings > Services > Reboot Schedule. Click + Create New Reboot Schedule to load the following page and configure the parameters. Name Status Occurrence Devices List Enter the name to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 197
Chapter 4 Configure the Network with Omada SDN Controller Configuration 1. Go to Settings > Services > PoE Schedule. Click + Create New PoE Schedule to load the following page and configure the parameters. Name Status Time Range Devices List Enter the name - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 198
Chapter 4 Configure the Network with Omada SDN Controller Configuration Go to Settings > Services > Export Data. Select the type of data from the export list and click Export. Export List Running Log: Export the day-to-day running log of the controller. 192 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 199
5 Configure the Omada SDN Controller Controller Settings control the appearance and behavior of the controller and provide methods of data backup, restore and migration: • Manage the Controller • Manage Your Controller Remotely via Cloud Access • Maintenance • Migration • Auto Backup - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 200
Chapter 5 5. 1 Manage the Controller Configure the Omada SDN Controller 5. 1. 1 General Settings Configuration Go to Settings > Controller. In General Settings, configure the parameters and click Save. ■■ For Omada Hardware Controller Controller Name Specify the Controller Name to identify the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 201
Server feature works with the SMTP (Simple Mail Transfer Protocol) service provided by an email service provider. Configuration 1. Log in to your email account and enable the SMTP (Simple Mail Transfer Protocol) Service. For details, refer to the instructions of your email service provider. 195 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 202
the port used by the SMTP server according to the instructions of the email service provider. Enable or disable SSL according to the instructions of the email service provider. SSL (Secure Sockets Layer) is used to create an encrypted link between the controller and the SMTP server. Enable or - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 203
Improvement Program Configuration Click the checkbox if you agree to participate in the customer experience improvement program and help improve the quality and performance of TP-Link products by sending statistics and usage information. 197 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 204
Chapter 5 5. 1. 5 HTTPS Certificate Configure the Omada SDN Controller Overview If you have assigned a domain name to the controller for login, to eliminate the "untrusted certificate" error message that will appear in the login process, you can import the corresponding SSL certificate and private - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 205
Chapter 5 Configure the Omada SDN Controller Configuration Go to Settings > Controller. In Access Port Config, configure the parameters and click Save. HTTPS Port for Controller Management Specify the HTTPS port used by the controller for management. After setting the port, you can visit https - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 206
> Cloud Access. Enable Cloud Access. 2 ) Enter your TP-Link ID and password. Then click Log In and Bind. ■■ For Omada Cloud-Based Controller Your Omada Cloud-Based Controller is based on the Cloud, so it's naturally accessible through Cloud Service. No additional preparation is needed. 200 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 207
Chapter 5 Configure the Omada SDN Controller 2. Access your controller through Cloud Service Go to Omada Cloud and login with your TP-Link ID and password. A list of controllers that have been bound with your TP-Link ID will appear. Then click to manage the controller. 201 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 208
Chapter 5 5. 3 Maintenance Configure the Omada SDN Controller 5. 3. 1 Controller Status Go to Settings > Maintenance. In Controller Status, you can view the controller-related information and status. Controller Name MAC Address System Time Uptime Controller Version Displays the controller name, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 209
Chapter 5 Configure the Omada SDN Controller Configuration Go to Settings > Maintenance. In User Interface, configure the parameters and click Apply. Use 24-Hour Time Statistic/Dashboard Timezone Fixed Menu With Use 24-Hour Time enabled, time is displayed in a 24-hour format. With Use 24Hour - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 210
updates in real time some part of its data on the web interface, which is transmitted using the WebSocket service, so that you don't need to refresh them manually. 5. 3. 3 Backup & Restore Overview You can backup the configuration and data of your controller to prevent any loss of important - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 211
allow users to migrate the configurations and data to any other controller. Migration services include Site Migration and Controller Migration, covering all the needs to migrate both a single site and the whole controller. 5. 4. 1 Site Migration Overview Site Migration allows - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 212
Chapter 5 Configure the Omada SDN Controller Export Site Migrate Site Migrate Devices 3. Go to Settings > Migration. On the Site Migration tab, click start button on the following page. 4. Select the site to be imported into the second controller in the Select Site drop-down list. Click Export - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 213
Chapter 5 Configure the Omada SDN Controller Export Site Migrate Site Migrate Devices 1. Start and log in to the target controller, click the top right corner of the screen and select , and then the following window will pop up. 2. Enter a unique name for the new site. Click Browse to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 214
Chapter 5 Configure the Omada SDN Controller Export Site Migrate Site Migrate Devices 1. Enter the IP address or URL of your target controller into Controller IP/Inform URL input filed. In this case, the IP address of the target controller is 10.0.3.23. Note: Make sure that you enter the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 215
Chapter 5 Configure the Omada SDN Controller 2. Select the devices that are to be migrated by clicking the box next to each device. By default, all the devices are selected. Click Migrate Devices to migrate the selected devices to the target controller. 209 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 216
Chapter 5 Configure the Omada SDN Controller 3. Verify that all the migrated devices are visible and connected on the target controller. When all the migrated devices are in Connected status on the Device page on the target controller, click Forget Devices to finish the migration process. 4. When - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 217
Chapter 5 Configure the Omada SDN Controller The process of migrating configurations and data from the current controller to another controller can be summarized in three steps: Export Controller, Migrate Controller and Migrate Devices. Controller Migration Controller A Controller B 1 Export - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 218
Chapter 5 Configure the Omada SDN Controller Export Controller Migrate Controller Migrate Devices 1. Go to Settings > Migration. On the Controller Migration tab, click start button on the following page. 212 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 219
Chapter 5 Configure the Omada SDN Controller 2. Select the length of time in days that data will be backed up in the Retained Data Backup, and click Export to export the configurations and data of your current controller as a backup file. If you have backed up the file, click Skip. Export - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 220
Chapter 5 Configure the Omada SDN Controller 2. After the file has been imported to the target controller, go back to the previous controller and click Confirm. Export Controller Migrate Controller Migrate Devices 1. Enter the IP address or URL of your target controller into Controller IP/ - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 221
Chapter 5 Configure the Omada SDN Controller 2. Select the devices that are to be migrated by clicking the box next to each device. By default, all the devices are selected. Click Migrate Devices to migrate the selected devices to the target controller. 215 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 222
Chapter 5 Configure the Omada SDN Controller 3. Verify that all the migrated devices are visible and connected on the target controller. When all the migrated devices are in Connected status on the Device page on the target controller, click Forget Devices to finish the migration process. When - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 223
Chapter 5 5. 5 Auto Backup Configure the Omada SDN Controller Overview With Auto Backup enabled, the controller will be scheduled to back up the configurations and data automatically at the specified time. You can easily restore the configurations and data when needed. Note: • For OC200, Auto - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 224
backup file. The exported file will be saved in the saving path of your web browser. Delete the backup file. Note: • To back up data manually and restore the data to the controller, refer to Backup & Restore to configure Backup&Restore. • The configuration of cloud users can be neither backed up - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 225
6 Configure and Monitor Omada Managed Devices This chapter guides you on how to configure and monitor Omada managed devices, including gateways, switches and EAPs. You can configure the devices individually or in batches to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 226
Chapter 6 Configure and Monitor Omada Managed Devices 6. 1 Introduction to the Devices Page Overview The Devices page displays all TP-Link devices discovered by the controller and their general information. For an easy monitoring of the devices, you can customize the column and filter the devices - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 227
Chapter 6 Configure and Monitor Omada Managed Devices The connected device has lost connection with the controller for more than 5 minutes. (For APs in the mesh network) When this icon appears with a status icon, it indicates the EAP with mesh function and no wired connection is detected by the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 228
device. Click to upgrade the device's firmware version. This icon appears when the device has a new firmware version. For Automatic Upgrades, refer to Services. ■■ Batch Edit (for Switches and EAPs) After selecting the Gateway/Switches or APs tab, you can adopt or configure the switches or EAPs in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 229
all in the Pending status, the controller will adopt then with the default username and password. If not, enter the username and password manually to adopt the devices. Click , select Batch Config, click the checkboxes of devices, and click Edit Selected. Then the Properties window appears. There - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 230
Chapter 6 Configure and Monitor Omada Managed Devices 6. 2 Configure and Monitor the Gateway In the Properties window, you can configure the gateway managed by the controller and monitor the performance and statistics. By default, all configurations are synchronized with the current site. To open - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 231
The device's LED will work following the settings of the site. To view and modify the site settings, refer to Services. On/Off: The device's LED will keep on/off. ■■ Services In Services, you can configure SNMP to write down the location and contact detail, and enable IGMP Proxy to detect multicast - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 232
Devices ■■ Advanced In Advanced, you can configure Hardware Offload, LLDP (Link Layer Discovery Protocol) and Echo Server to make better use of network monitor the latency of the network automatically or manually. If you click Custom, enter the IP address or hostname of your custom server. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 233
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Manage Device In Manage Device, you can upgrade the device's firmware version manually, move it to another site, synchronize the configurations with the controller, and forget the router. Custom Upgrade Move to Site Force Provision Forget - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 234
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Common Settings In Common Settings, you can click the path to jump to corresponding modules quickly. 6. 2. 2 Monitor the Gateway One panel and three tabs are provided to monitor the device in the Properties window: Monitor Panel, Details, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 235
Chapter 6 Configure and Monitor Omada Managed Devices You can hover the cursor over the port icon for more details. Details In Details, you can view the basic information of the router and statistics of WAN ports to know the device's running status briefly. ■■ Overview In Overview, you can view - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 236
Chapter 6 Configure and Monitor Omada Managed Devices ■■ WAN In WAN, you can view the basic information and statistics of the WAN port, such as the IP address, speed, duplex, and upload and download traffic. Network In Network, you can view the network information of the router, including the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 237
Chapter 6 Configure and Monitor Omada Managed Devices Statistics In Statistics, you can monitor the CPU and memory of the device in last 24 hours via charts. To view statistics of the device in a certain period, click the chart to jump to View the Statistics of the Network. 231 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 238
in Ports, and in Config, you can configure the switch features. Ports Port and LAG are two tabs designed for physical ports and LAGs (Link Aggregation Groups), respectively. Under the Port tag, all ports are listed but you can configure physical ports only, including overriding the applied profiles - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 239
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Port In Port, you can view and configure all ports' names and applied profiles. Status Profile Action Displays the port status in different colors. : The port profile is Disabled. To enable it, click to change the profile. : The port is - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 240
Chapter 6 Configure and Monitor Omada Managed Devices To configure a single port, click in the table. To configure ports in batches, click the checkboxes and then click Edit Selected. Then you can configure the port name and profile. By default, all settings are Keep Existing for batch - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 241
Chapter 6 Configure and Monitor Omada Managed Devices • Override the Applied Profile If you select Switching for Operation, configure the following parameters and click Apply to override the applied profile. To discard the modifications, click Remove Overrides and all profile configurations will - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 242
any means. The switch cannot provide authentication services to the client through the port. duplex automatically. Manual: Specify the speed and duplex from the drop-down list manually. Click . Click the checkbox to enable LLDP-MED (Link Layer Discovery Protocol-Media Endpoint Discovery) for device - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 243
a copy of traffics passing through the mirrored port to the mirroring port. You can use mirroring to analyze network traffic and troubleshoot network problems. To configure Mirroring, select the mirrored port or LAG, specify the following parameters, and click Apply. To discard the modifications - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 244
member ports of LAG cannot be selected as mirrored ports. PoE Mode Link Speed Spanning Tree Ingress Rate Limit (Only for PoE ports) Select negotiates the speed and duplex automatically. Manual: Specify the speed and duplex from the drop-down list manually. Click the checkbox to enable Spanning - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 245
up to eight member ports. All the member ports share the bandwidth evenly. If an active link fails, the other active links share the bandwidth evenly. • One LACP LAG supports multiple member ports, but at most eight of them can work simultaneously, and the other member ports are backups. Using - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 246
your switch. For example, if your switch supports up to 14 LAGs, the valid value ranges from 1 to 14. Select the LAG type as Static LAG, and the member ports are added to the LAG manually. Select the LAG type as LACP (Link Aggregation Control Protocol), and the switch use LACP to implement - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 247
Chapter 6 Configure and Monitor Omada Managed Devices ■■ LAG LAGs (Link Aggregation Groups) are logical interfaces aggregated, which can increase link bandwidth and enhance the connection reliability. You can view and edit the LAGs under the LAG tab. To configure physical ports as a LAG, refer to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 248
the LAG members and configure the following parameters. Link Speed Spanning Tree Select the speed mode for the port. Auto: The port negotiates the speed and duplex automatically. Manual: Specify the speed and duplex from the drop-down list manually. Click the checkbox to enable Spanning Tree. It - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 249
the traffic exceeds the limit. Config In Config, click the sections to configure the features applied to the selected switch(es), including the general settings, services, and networks. 243 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 250
's LEDs work. Use Site Settings: The device's LED will work following the settings of the site. To view and modify the site settings, refer to Services. On/Off: The device's LED will keep on/off. Select a tag from the drop-down list or create a new tag to categorize the device. 244 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 251
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Services In Services, you can configure Management VLAN, Loopback Control and SNMP. Management VLAN To configure Management VLAN, create a network in LAN first, and then select it as - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 252
device) Configure SNMP to write down the location and contact detail. You can also click Manage to jump to Settings > Services > SNMP, and for detailed configuration of SNMP service, refer to SNMP. ■■ IP Settings (Only for configuring a single device) In IP Settings, select an IP mode and configure - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 253
Chapter 6 Configure and Monitor Omada Managed Devices If you select Static as the mode, set the IP address, IP mask, gateway, and DNS server for the static address. 247 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 254
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Manage Device In Manage Device, you can upgrade the device's firmware version manually, move it to another site, synchronize the configurations with the controller and forget the switch. Custom Upgrade Move to Site Force Provision Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 255
Chapter 6 Forget Configure and Monitor Omada Managed Devices Click Forget and then the device will be removed from the controller. Once forgotten, all configurations and history related to the device will be wiped out. 6. 3. 2 Monitor Switches One panel and four tabs are provided to monitor the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 256
Chapter 6 Tx Bytes Rx Bytes Profile PoE Power Uplink Mirroring From LAG ID Configure and Monitor Omada Managed Devices Displays the amount of data transmitted as bytes. Displays the amount of data received as bytes. Displays the name of profile applied to the port, which defines how the packets in - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 257
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Uplink (Only for the switch connected to an Omada-managed router/switch in Connected status) Click Uplink to view the uplink information, including the uplink port, the uplink device, the negotiation speed, and transmission rate. ■■ - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 258
Chapter 6 Configure and Monitor Omada Managed Devices Statistics In Statistics, you can monitor the CPU and memory of the device in last 24 hours via charts. To view statistics of the device in certain period, click the chart to jump to View the Statistics of the Network. 252 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 259
Chapter 6 Configure and Monitor Omada Managed Devices 6. 4 Configure and Monitor EAPs In the Properties window, you can configure one or some EAPs connected to the controller and monitor the performance and statistics. Configurations changed in the Properties window will be applied only to the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 260
's LEDs work. Use Site Settings: The device's LED will work following the settings of the site. To view and modify the site settings, refer to Services. On/Off: The device's LED will keep on/off. Select a tag from the drop-down list or create a new tag to categorize the device. ■■ IP - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 261
Chapter 6 Configure and Monitor Omada Managed Devices address to hold an IP address in reserve for the situation in which the device fails to get a dynamic IP address. Enable Fallback IP and then set the IP address, IP mask and gateway. 255 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 262
Chapter 6 Configure and Monitor Omada Managed Devices If you select Static as the mode, set the IP address, IP mask, gateway, and DNS server for the static address. 256 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 263
20% (round off the value) Medium: Min. TxPower + (Max. TxPower-Min. TxPower) * 60% (round off the value) High: Max. TxPower Custom: Specify the value manually. ■■ WLANs In WLANs, you can apply the WLAN group to the EAP and specify a different SSID name and password to override the SSID in the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 264
Chapter 6 Configure and Monitor Omada Managed Devices use the new password to access the network. To create or edit WLAN groups, refer to Configure Wireless Networks. (Only for configuring a single device) To override the SSID, select a WLAN group, click in the entry and then the following page - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 265
device) Configure SNMP to write down the location and contact detail. You can also click Manage to jump to Settings > Services > SNMP, and for detailed configuration of SNMP service, refer to SNMP. ■■ Advanced In Advanced, configure Load Balance and QoS to make better use of network resources. Load - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 266
Chapter 6 Select the frequency band Configure and Monitor Omada Managed Devices and configure the following parameters and features. Max Associated Clients RSSI Threshold Enable this function and specify the maximum number of connected clients. If the connected client reaches the maximum number, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 267
Chapter 6 Configure and Monitor Omada Managed Devices ETH VLAN/ETH2 VLAN/ ETH3 VLAN (Only for Wall Plate AP) Enable this function and add the corresponding AP's LAN port to the VLAN specified here. Then the hosts connected to this EAP can only communicate with the devices in this VLAN. ETH3 PoE - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 268
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Manage Device In Manage Device, you can upgrade the device's firmware version manually, move it to another site, synchronize the configurations with the controller and forget the AP. Custom Upgrade Move to Site Force Provision Click Browse - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 269
Chapter 6 Forget this AP Configure and Monitor Omada Managed Devices Click Forget and then the device will be removed from the controller. Once forgotten, all configurations and history related to the device will be wiped out. 6. 4. 2 Monitor EAPs One panel and four tabs are provided to monitor - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 270
Chapter 6 Tx Error/Dropped Rx Error/Dropped Configure and Monitor Omada Managed Devices Displays the percentage of transmit packets that have errors and the percentage of packets that were dropped. Displays the percentage of receive packets that have errors and the percentage of packets that were - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 271
Chapter 6 Configure and Monitor Omada Managed Devices ■■ Uplink (Wireless) (Only for devices in the Connected status) Click Uplink (Wireless) to view the traffic information related to the uplink AP, including the signal strength, transmission rate, ratio of packets number and size, and dynamic - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 272
EAPs. Meanwhile, because of the ability to self-organize and selfconfigure, mesh also can efficiently reduce the configuration. Note that only certain EAP models support Mesh, and the EAPs should be in the same site to establish a Mesh network. To understand how mesh can be used, the following terms - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 273
Chapter 6 Configure and Monitor Omada Managed Devices A common mesh network is shown as below. Only the root AP is connected by an Ethernet cable, while other APs have no wired data connection. Mesh allows the isolated APs to communicate with preconfigured root AP on the network. Once powered up, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 274
Configure and Monitor Omada Managed Devices 2. Go to Devices to adopt a pending AP or link an isolated AP. In Mesh, if the selected AP is an uplink AP, this Rescan to search the available uplink APs and refresh the list, and click Link to connect the uplink AP and build up a mesh network. 268 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 275
Chapter 6 Configure and Monitor Omada Managed Devices Statistics In Statistics, you can monitor the utilization of the device in last 24 hours via charts, including CPU/ Memory Monitor, Channel Utilization, Dropped Packets, and Retried Packets. To view statistics of the device in certain period, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 276
7 Monitor and Manage the Clients This chapter guides you on how to monitor and manage the clients through the Clients page using the clients table and the properties window and the Hotspot Manager - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 277
Chapter 7 Monitor and Manage the Clients 7. 1 Manage Wired and Wireless Clients in Clients Page 7. 1. 1 Introduction to Clients Page The Clients page offers a straight-forward way to manage and monitor clients. It displays all connected wired and wireless clients in the chosen site and their - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 278
to block the client in the chosen site. You can view blocked clients in Known Clients. (With portal authentication enabled) Click to manually authorize the client that has not passed the portal authentication. (With portal authentication enabled) Click to unauthorize the client that has passed the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 279
Chapter 7 Monitor and Manage the Clients 7. 1. 3 Using the Properties Window to Monitor and Manage the Clients In Properties window, you can view more detailed information about the connected client(s) and manage them. To open the Properties window, click the entry of a single client, or click the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 280
Chapter 7 Monitor and Manage the Clients Under the History tab, you can view the connection history of the client. 274 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 281
Chapter 7 ■■ Manage a Single Client In Config, you can configure the following parameters: Monitor and Manage the Clients Alias Rate Limit Use Fixed IP Address Specify the client's alias to better identify different clients, and the alias is used as the client's username in the table on the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 282
such as the Layer 3 switch and the gateway. Use Fixed IP Address: Select a network and assign fixed IP addresses to the chosen clients manually. To view and configure networks, refer to Configure Wired Networks. Note that an Omada-managed gateway is required for this function. Otherwise, you cannot - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 283
Chapter 7 Monitor and Manage the Clients You can view their names and IP addresses in the Clients tab and remove client(s) from Batch Client Configuration by clicking in the Action column. 277 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 284
Chapter 7 Monitor and Manage the Clients 7. 2 Manage Client Authentication in Hotspot Manager Hotspot Manager is a portal management system for centrally monitoring and managing the clients authorized by portal authentication. The following four tabs are provided in the system for a easy and - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 285
Chapter 7 Monitor and Manage the Clients clients for them to access the network via portal authentication. For detailed configurations, refer to Portal. Create vouchers Follow the steps below to create vouchers for authentication: 1. Click Hotspot Manager from the drop-down list of Sites and - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 286
Chapter 7 Monitor and Manage the Clients Amount Type Duration Download/Upload Limit Traffic Limit Description (optional) Specify the number of voucher codes you want to create. Select a type to limit the usage counts or the number of authorized users of a voucher code. Limited Usage Counts: The - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 287
can use the codes to pass authentication. If a voucher code expires, it will be automatically removed from the list. 6. To delete certain vouchers manually, click multiple voucher codes at a time. to delete a single voucher, or Delete to delete 7. 2. 3 Local Users The Local Users tab is used to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 288
Chapter 7 Monitor and Manage the Clients To create local user accounts, follow the steps below. 1. Click Hotspot Manager from the drop-down list of Sites and click Local Users in the pop-up page. 2. Create Local User accounts through two different ways. ■■ Create Local User accounts Click +Create - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 289
Dynamic Type Binding. No Binding: No MAC address is bound to the local user account. Static Binding: Bind a MAC address to this user account manually. Then only the user with the this MAC address can use the username and password to pass the authentication. Dynamic Binding: The MAC address of - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 290
Chapter 7 Monitor and Manage the Clients ■■ Create Local User accounts from files. Click on the upper-right, and the following window pops up. Select a file in the format of CVS or Excel, and click Import. To see required parameters and corresponding explanation, refer to Create Local User - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 291
Chapter 7 Monitor and Manage the Clients operators have no privileges to create operator accounts, which offers convenience and ensures security for client authentication. Create Operators To create operator accounts, follow the steps below. 1. Click Hotspot Manager from the drop-down list of - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 292
Chapter 7 Monitor and Manage the Clients 4. The operator accounts are created and displayed in the table. You can view the information of the create operator accounts on the page, search certain accounts through the name and notes, and use icons for management. Click to edit the parameters for - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 293
8 Monitor the Network This chapter guides you on how to monitor the network devices, clients, and their statistics. Through visual and real-time presentations, Omada SDN Controller keeps you informed about - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 294
Chapter 8 8. 1 View the Status of Network with Dashboard Monitor the Network 8. 1. 1 Page Layout of Dashboard Dashboard is designed for a quick real-time monitor of the site network. An overview of network topology is at the top of Dashboard, and the below is a tab bar followed with customized - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 295
Chapter 8 Monitor the Network Topology Overview Topology Overview on the top shows the status of ISP Load and numbers of devices, clients and guests. ISP Load has four statuses: Unknown, Good, Medium, Poor. You can hover the cursor over the gateway, switch, AP, client or guest icons to check - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 296
Chapter 8 Monitor the Network In the tab bar, you can take the following action to edit the tabs and customize the widget to be displayed. Click the icon to edit the tabs. For the default tabs, you can reset them to the default settings. For a created tab, you can edit its name or delete it. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 297
. For detailed configuration, refer to Manage Administrator Accounts of Omada SDN Controller and Manage Your Controller Remotely via Cloud Access in this guide. Network Widgets in Network use lists and charts to illustrate the traffic status of wired and wireless networks in the site, including - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 298
Chapter 8 Monitor the Network To view all the devices discovered by the controller, click Details to jump to the Devices section. You can also click the traffic number in the widget to open the device's Properties window for further configurations and monitoring. For details, refer to Configure - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 299
Chapter 8 Monitor the Network ■■ Wi-Fi Summary The Wi-Fi Summary widget summarizes the real-time status of wireless networks in the site, including the number of connected EAPs and clients, the channel utilization, and the total number of traffic within the time range. ■■ Traffic Distribution The - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 300
Chapter 8 Monitor the Network device category the clients connected to, the middle is by the device name, and the outer is by the frequency band. You can hover the cursor over the slice to view specific values. ■■ Traffic Activities The Traffic Activities widget displays the Tx and Rx data of - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 301
Chapter 8 Monitor the Network ■■ Retried Rate/Dropped Rate The Retried Rate/Dropped Rate widget displays the rate of retried and dropped packets of the connected EAPs within the time range. Select an AP from the list and click the tab to display the chart of retried rate or dropped rate. You can - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 302
Chapter 8 Monitor the Network open the client's Properties window for further configurations and monitoring. For details, refer to Client. ■■ Client Activities The Client Activities widget displays how the number of connected client changes over time within the time range. In the stacked chart, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 303
Chapter 8 Monitor the Network three failure reasons using gray colors from dark to light. Click the reason in the list to view the distribution of failures on EAPs. Association Timeout The connection failed because of session timeout. Blocked by Access Control The connection failed because the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 304
Chapter 8 Monitor the Network 8. 2 View the Statistics of the Network Statistics provides a visual representation of device data in Omada SDN Controller. You can easily monitor the network traffic and performance under the following tabs, Performance, Switch Statistics, and Speed Test Statistics. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 305
Chapter 8 Monitor the Network ■■ User Counts The User Counts graph displays the number of users connected to the devices during the selected time range. Hover the cursor over the line to display the specific values. ■■ Usage The Usage graph uses the orange line and yellow line to display the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 306
Chapter 8 Monitor the Network ■■ Packets The Packets graph uses the dark blue line and light blue line to display the number of packets transmitted and received during the selected time range, respectively. Hover the cursor over the lines to display the specific values. ■■ Dropped The Dropped - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 307
Chapter 8 Monitor the Network ■■ Retries The Retries graph uses the dark blue line and light blue line to display the number of times that the data packets are transmitted again and received again during the selected period, respectively. Hover the cursor over the lines to display the specific - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 308
Chapter 8 Monitor the Network Select bps, Bytes or Packets to specify the data type and measuring unit. bps: Displays the traffic rate in bps. Bytes: Displays the traffic statistics in Bytes. Packets: Displays the total number of packets. If you select Packet, click the tab to specify which type - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 309
, including the network latency and speed. To enable the speed test, go to Settings > Sites, enable Periodic Speed Test in Service, and specify the test interval. For details, refer to Services. Tab Bar The tab and calendar on the top are used to specify the displayed statistics, and the legends on - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 310
Chapter 8 Monitor the Network ■■ Latency The Latency graph displays the time that it takes for a packet to travel from the gateway to the service provider's gateway. ■■ Speed The Speed graph uses the blue line and green line to display the upload and download speed of the WAN port, respectively. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 311
Chapter 8 Monitor the Network 8. 3 Monitor the Network with Map In the Map section, you can look over the topology and device provisioning of network in Topology, and customizes a visual representation of your network in Map. 8. 3. 1 Topology Go to Map > Topology, and you can view the topology - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 312
8 Monitor the Network For a better overview of the network topology, you can control the display of branches, the size of the diagram, and the link labels. ■■ Display of Branches The default view shows the all devices connected by solid and dotted lines. Click the icon of the client group to - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 313
, duplex type, and connected port number. Note that only the switch's port number can be displayed in the label. (For Link Aggregation) Displays the LAG speed, duplex type, LAG ID, and the port number of LAG members. (For wireless connections between APs) Displays the RSSI (displayed - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 314
Chapter 8 Monitor the Network ■■ Customize Map Click the following icons to add, edit, and select the map. After selecting a map, click and drag in the devices from the Devices list to place it on the map according to the actual locations. Click to add a map. In the pop-up window, enter the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 315
Chapter 8 Monitor the Network ■■ Diagram Size Click the icons at the right corner to adjust the size of the topology and view the legends. Click to fit the map to the web page. Click to zoom in the map. Click to zoom out the map. 309 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 316
Chapter 8 Monitor the Network 8. 4 View the Statistics During Specified Period with Insight In the Insight page, you can monitor the site history of connected clients, portal authorizations, and rouge APs. For a better monitoring, you can specify the time period and classify the clients and APs. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 317
Chapter 8 Monitor the Network Click the tabs to filter the clients listed in the table. The three tabs can take effect simultaneously. All/Wireless/Wired: Click All to display both wireless and wired clients. Click Wireless or Wired to display wireless or wired clients only. All/Users/Guests: Click - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 318
Chapter 8 A search bar and a time selector are above the table for searching and filtering. Monitor the Network Enter the client name or MAC address to search the clients. Filter the clients based on Start Time. Click the selector to open the calendar. Click a specific date twice in the calendar - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 319
Channel Security Beacon Location Signal Last Seen Monitor the Network Click to scan rogue APs. It may take several minutes, and the wireless service may be influenced during scanning. A string with a similar form as MAC address to recognize access points. Displays the operation channel and standard - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 320
5 View and Manage Logs The controller uses logs to record the activities of the system, devices, users and administrators, which provides powerful supports to monitor operations and diagnose anomalies. In the Logs page, you can conveniently monitor the logs in Alerts and Events, and configure their - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 321
Chapter 8 Monitor the Network 8. 5. 1 Alerts Alerts are the logs that need to be noticed and archived specially. You can configure the logs as Alerts in Notifications, and all the logs configured as Alerts are listed under the Alerts tab for you to search, filter, and archive. Click to change the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 322
Chapter 8 Content Time Archive All Monitor the Network Displays the log types and detailed message. You can click the device name, client name to open its Properties window for detailed information. Displays when the activity happened. Click to archive all unarchived logs. Click to archive the log - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 323
Chapter 8 Content Time Monitor the Network Enter the content types, severity levels, or key words to search the logs. Click the tabs to filter the logs listed in the table. The two tabs can take effect simultaneously. All/Errors/Warnings/Info: Click All to display logs in both Error and Warning - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 324
Chapter 8 Monitor the Network To specify the logs as Alert/Event, click the corresponding checkboxes of logs and click Apply. The following icons and tab are provided as auxiliaries. Reset to Default Click to reset all notification configurations in the current site to the default. Click the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 325
the port used by the SMTP server according to the instructions of the email service provider. Enable or disable SSL according to the instructions of the email service provider. SSL (Secure Sockets Layer) is used to create an encrypted link between the controller and the SMTP server. Enable or - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 326
Network Enable Mail Server Enable Alert Emails in Site Enable Alert Emails in Admin 1. Go to Settings > Site and enable Alert Emails in the Services section. 2. (Optional) On the same page, enable Send similar alerts within seconds in one email and specify the time interval. When enabled, the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 327
Chapter 8 Monitor the Network Enable Alert Emails in Site Enable Alert Emails in Admin Enable Alert Emails in Logs Go to Admin and configure Alert Emails for the administrators and viewers to receive the emails. Click + Add New Admin Account to create an account or click to edit an account. - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 328
Chapter 8 Monitor the Network Enable Alert Emails in Site Enable Alert Emails in Admin Enable Alert Emails in Logs Go to Logs and click Notifications. Click a tab of content types and enable Email for the activity logs that the controller emails administrators. Click Save. 322 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 329
9 Manage Administrator Accounts of Omada SDN Controller This chapter gives an introduction to different user levels of administrator accounts and guides you on how to create and manage them in the Admin page. The chapter includes the following sections: • Introduction to User Accounts • Manage and - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 330
Chapter 9 Manage Administrator Accounts of Omada SDN Controller 9. 1 Introduction to User Accounts Omada SDN Controller offers three levels of access available for users: master administrator, administrator, and viewer. Because the controller can be accessed both locally and via cloud access, - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 331
Chapter 9 Manage Administrator Accounts of Omada SDN Controller 9. 2 Manage and Create Local User Accounts By default, Omada SDN Controller automatically sets up a local user with the role called master administrator as the primary administrator. The username and password of the master - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 332
Chapter 9 Manage Administrator Accounts of Omada SDN Controller 2. Basic information including role and device permissions is shown. You can change the password and enable alert emails by checking the box. Click Save. 326 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 333
Chapter 9 Manage Administrator Accounts of Omada SDN Controller 9. 2. 2 Create and Manage Administrator and Viewer To create and manage local user account, follow these steps: 1. Click + Add New Admin Account. 327 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 334
Chapter 9 Manage Administrator Accounts of Omada SDN Controller 2. Select Local User for the administrator type in the pop-out window. Specify the parameters and click Create. Username Password Role Specify the username. The username should be different from the existing ones. Specify the - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 335
alert emails. Check the box if you want the created user to receive emails about alerts of the privileged sites. For detailed configurations, refer to Services. To edit and delete the accounts, click icons in the Action Column. To edit the parameters for the user. Master administrator can edit all - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 336
1 Set Up the Cloud Master Administrator For software and hardware controller, if you have not enabled the cloud access and bound the controller with a TP-Link ID in quick setup, to set up the cloud master administrator, follow these steps: 1. Go to Settings > Cloud Access to enable Cloud Access and - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 337
Chapter 9 1. Click + Add New Admin Account. Manage Administrator Accounts of Omada SDN Controller 2. Select Cloud User for the administrator type in the pop-out window. Specify the parameters and click Invite. 331 - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 338
email address. If the email address has already been registered as a TP-Link ID, it will become a valid cloud user after accepting the invitation. alerts of the privileged sites. For detailed configurations, refer to Services. To edit and delete the accounts, click icons in the Action - TP-Link TL-SG3210XHP-M2 | Omada SDN Controller Software 4.1.5Windows/Linux User - Page 339
COPYRIGHT & TRADEMARKS Specifications are subject to change without notice. is a registered trademark of TP-Link Technologies Co., Ltd. Other brands and product names are trademarks or registered trademarks of their respective holders. No part of the specifications may be reproduced
User Guide
Omada SDN Controller
1910012864 REV4.0.1
August 2020