Home » TP-Link Manuals » Networking » TP-Link OC200 » Manual Viewer

TP-Link OC200 Omada Controller Software 4.1.5Windows/Linux User Guide - Page 182

profile records the information of the RADIUS server which acts as the authentication server during

Add to My Manuals
Save this manual to your list of manuals

Page 182 highlights

Chapter 4 Configure the Network with Omada SDN Controller profile records the information of the RADIUS server which acts as the authentication server during 802.1X authentication. Authentication Protocol Select the authentication protocol for exchanging messages between the switch and RADIUS server. As a bridge between the client and RADIUS server, the switch forwards messages for them. It uses EAP packets to exchange messages with the client, and processes the messages according to the specified authentication protocol before forwarding them to the RADIUS server. PAP: The EAP packets are converted to other protocol (such as RADIUS) packets, and transmitted to the RADIUS server. EAP: The EAP packets are encapsulated in other protocol (such as RADIUS) packets, and transmitted to the authentication server. To use this authentication mechanism, the RADIUS server should support EAP attributes. Authentication Type Select the 802.1X authentication type. Port Based: After a client connected to the port gets authenticated successfully, other clients can access the network via the port without authentication. MAC Based: Clients connected to the port need to be authenticated individually. The RADIUS server distinguishes clients by their MAC addresses. VLAN Assignment This feature allows the RADIUS server to send the VLAN configurations to the port dynamically. After the port is authenticated, the RADIUS server assigns the VLAN based on the username of the client connecting to the port. The username-to-VLAN mappings must be already stored in the RADIUS server database. This feature is available only when the 802.1X authentication type is Port Based. MAB MAB (MAC Authentication Bypass) allows clients to be authenticated without any client software installed. MAB is useful for authenticating devices without 802.1X capability like IP phones. When MAB is enabled on a port, the switch will learn the MAC address of the client automatically and send the authentication server a RADIUS access request frame with the client's MAC address as the username and password. MAB takes effect only when 802.1X authentication is enabled on the port. 180

Section	Page
About this Guide	2
Omada SDN Controller Solution Overview	3
Overview of Omada SDN Controller Solution	4
Core Components	5
Get Started with Omada SDN Controller	10
Set Up Your Software Controller	11
Determine the Network Topology	11
Install Omada Software Controller	12
Start and Log In to the Omada Software Controller	14
Set Up Your Hardware Controller	19
Determine the Network Topology	19
Deploy Omada Hardware Controller	19
Start and Log in to the Controller	20
Set up Your Cloud-Based Controller	24
Manage Omada Managed Devices and Sites	25
Create Sites	26
Adopt Devices	30
For Omada Software Controller / Omada Hardware Controller	30
For Omada Cloud-Based Controller	42
Configure the Network with Omada SDN Controller	45
Navigate the UI	46
Modify the Current Site Configuration	49
Site Configuration	49
Services	49
Advanced Features	52
Device Account	54
Configure Wired Networks	55
Set Up an Internet Connection	55
Configure LAN Networks	69
Configure Wireless Networks	78
Set Up Basic Wireless Networks	78
Advanced Settings	84
WLAN Schedule	86
802.11 Rate Control	86
MAC Filter	87
Network Security	89
ACL	89
URL Filtering	97
Attack Defense	100
Transmission	105
Routing	105
NAT	108
Session Limit	111
Bandwidth Control	112
Configure VPN	116
Create Profiles	143
Time Range	143
Groups	144
Authentication	149
Portal	149
802.1X	180
MAC-Based Authentication	183
RADIUS Profile	184
Services	187
Dynamic DNS	187
SNMP	189
UPnP	190
SSH	191
Reboot Schedule	191
PoE Schedule	192
Export Data	193
Configure the Omada SDN Controller	195
Manage the Controller	196
General Settings	196
Mail Server	197
History Data Retention	199
Customer Experience Improvement Program	199
HTTPS Certificate	200
Access Port Config	200
Manage Your Controller Remotely via Cloud Access	202
Maintenance	204
Controller Status	204
User Interface	204
Backup & Restore	206
Migration	207
Site Migration	207
Controller Migration	212
Configure and Monitor Omada Managed Devices	219
Introduction to the Devices Page	220
Configure and Monitor the Gateway	224
Configure the Gateway	224
Monitor the Gateway	228
Configure and Monitor Switches	232
Configure Switches	232
Monitor Switches	249
Configure and Monitor EAPs	253
Configure EAPs	253
Monitor EAPs	263
Monitor and Manage the Clients	270
Manage Wired and Wireless Clients in Clients Page	271
Introduction to Clients Page	271
Using the Clients Table to Monitor and Manage the Clients	271
Using the Properties Window to Monitor and Manage the Clients	273
Manage Client Authentication in Hotspot Manager	278
Authorized Clients	278
Vouchers	278
Local Users	281
Operators	284
Monitor the Network	287
View the Status of Network with Dashboard	288
Page Layout of Dashboard	288
Explanation of Widgets	290
View the Statistics of the Network	298
Performance	298
Switch Statistics	301
Speed Test Statistics	303
Monitor the Network with Map	305
Topology	305
Map	307
View the Statistics During Specified Period with Insight	310
Known Clients	310
Past Portal Authorizations	311
Rogue APs	312
View and Manage Logs	314
Alerts	315
Events	316
Notifications	317
Manage Administrator Accounts of Omada SDN Controller	323
Introduction to User Accounts	324
Manage and Create Local User Accounts	325
Edit the Master Administrator Account	325
Create and Manage Administrator and Viewer	327
Manage and Create Cloud User Accounts	330
Set Up the Cloud Master Administrator	330

Match case Limit results 1 per page

180

Chapter 4

Conﬁgure the Network with Omada SDN Controller

profile records the information of the RADIUS server which acts as the authentication server during

802.1X authentication.

Authentication Protocol

Select the authentication protocol for exchanging

messages between the switch and

RADIUS server. As a bridge between the client and RADIUS server, the switch forwards

messages for them. It uses EAP packets to exchange messages with the client, and

processes the messages according to the specified authentication protocol before

forwarding them to the RADIUS server.

PAP:

The EAP packets are converted to other protocol (such as RADIUS) packets, and

transmitted to the RADIUS server.

EAP:

The EAP packets are encapsulated in other protocol (such as RADIUS) packets, and

transmitted to the authentication server. To use this authentication mechanism, the RADIUS

server should support EAP attributes.

Authentication Type

Select the 802.1X authentication type.

Port Based:

After a client connected to the port gets authenticated successfully, other

clients can access the network via the port without

authentication.

MAC Based:

Clients connected to the port need to be authenticated individually. The

RADIUS server distinguishes clients by their MAC addresses.

VLAN Assignment

This feature allows the RADIUS server to send the VLAN configurations to the port

dynamically. After the port is authenticated, the RADIUS

server assigns the VLAN based on

the username of the client connecting to the port. The username-to-VLAN mappings must

be already stored in the RADIUS server database. This feature is available only when the

802.1X authentication type is Port Based.

MAB

MAB (MAC Authentication Bypass) allows clients to be authenticated without any client

software installed. MAB is useful for authenticating devices without 802.1X capability like IP

phones. When MAB is enabled on a port, the switch will learn the MAC address of the client

automatically and send the authentication server a RADIUS access request frame with the

client’s MAC address as the username and password. MAB takes effect only when 802.1X

authentication is enabled on the port.