Home » TP-Link Manuals » Hubs & Switches » TP-Link T1500G-10MPS » Manual Viewer

TP-Link T1500G-10MPS T1500G-10MPSUN V1 User Guide - Page 179

Global Config, Privilege Elevation

View all TP-Link T1500G-10MPS manuals

Add to My Manuals
Save this manual to your list of manuals

Page 179 highlights

local switch denies the user's access, the authentication process stops and no other authentication methods are attempted.  802.1X Authentication 802.1X protocol uses the RADIUS to provide detailed accounting information and flexible administrative control over authentication process. The Dot1x List feature defines the RADIUS server groups in the 802.1X authentication.  RADIUS/TACACS+ Server Users can configure the RADIUS/TACACS+ servers for the connection between the switch and the server.  Server Group Users can define the authentication server group with up to several servers running the same secure protocols, either RADIUS or TACACS+. Users can set these servers in a preferable order, which is called the server group list. When a user tries to access the switch, the switch will ask the first server in the server group list for authentication. If no response is received, the second server will be queried, and so on. The switch has two built-in authentication server group, one for RADIUS and the other for TACACS+. These two server groups cannot be deleted, and the user-defined RADIUS/TACACS+ server will join these two server groups automatically. 12.6.1 Global Config This page is used to enable/disable the AAA function globally. Choose the menu Network Security→AAA→Global Conifg to load the following page. Figure 12-24 AAA Global Config  Configuration Procedure Click Enable to enable the AAA function globally. 12.6.2 Privilege Elevation This page is used to elevate the current logged-in user from guest to admin and gain administrator level privileges. The authentication password is possibly authenticated in RADIUS/TACACS+ servers, user-defined server groups or local on the switch. Choose the menu Network Security→AAA→Global Conifg to load the following page. Figure 12-25 Privilege Elevate  Configuration Procedure Enter the Enable Password and click Enable button to elevate the current logged-in user from guest to admin. Only admin users can configure the following AAA settings. 170

Section	Page
Package Contents	10
Chapter 1 About this Guide	11
1.1 Intended Readers	11
1.2 Conventions	11
1.3 Overview of This Guide	11
Chapter 2 Introduction	15
2.1 Overview of the Switch	15
2.2 Appearance Description	15
2.2.1 Front Panel	15
2.2.2 Rear Panel	17
Chapter 3 Login to the Switch	19
3.1 Login	19
3.2 Configuration	19
Chapter 4 System	21
4.1 System Info	21
4.1.1 System Summary	21
4.1.2 Device Description	22
4.1.3 System Time	23
4.1.4 Daylight Saving Time	24
4.1.5 System IP	25
4.2 User Management	27
4.2.1 User Table	27
4.2.2 User Config	27
4.3 System Tools	29
4.3.1 Boot Config	29
4.3.2 Config Restore	29
4.3.3 Config Backup	30
4.3.4 Firmware Upgrade	31
4.3.5 System Reboot	31
4.3.6 System Reset	32
4.4 Access Security	32
4.4.1 Access Control	32
4.4.2 HTTP Config	33
4.4.3 HTTPS Config	34
4.4.4 SSH Config	38
4.4.5 Telnet Config	44
Chapter 5 Switching	45
5.1 Port	45
5.1.1 Port Config	45
5.1.2 Port Mirror	46
5.1.3 Port Security	48
5.1.4 Port Isolation	50
5.1.5 Loopback Detection	51
5.2 LAG	53
5.2.1 LAG Table	53
5.2.2 Static LAG	55
5.2.3 LACP Config	56
5.3 Traffic Monitor	57
5.3.1 Traffic Summary	57
5.3.2 Traffic Statistics	58
5.4 MAC Address	60
5.4.1 Address Table	61
5.4.2 Static Address	63
5.4.3 Dynamic Address	64
5.4.4 Filtering Address	66
Chapter 6 VLAN	68
6.1 802.1Q VLAN	69
6.1.1 VLAN Config	70
6.1.2 Port Config	72
6.2 Application Example for 802.1Q VLAN	73
Chapter 7 Spanning Tree	75
7.1 STP Config	80
7.1.1 STP Config	80
7.1.2 STP Summary	82
7.2 Port Config	83
7.3 MSTP Instance	85
7.3.1 Region Config	85
7.3.2 Instance Config	86
7.3.3 Instance Port Config	87
7.4 STP Security	88
7.4.1 Port Protect	88
7.5 Application Example for STP Function	91
Chapter 8 Multicast	96
8.1 IGMP Snooping	100
8.1.1 Snooping Config	102
8.1.2 Port Config	103
8.1.3 VLAN Config	104
8.1.4 Multicast VLAN	106
8.1.5 Querier Config	109
8.1.6 Profile Config	110
8.1.7 Profile Binding	112
8.1.8 Packet Statistics	113
8.2 Multicast Table	114
8.2.1 IPv4 Multicast Table	114
8.2.2 Static IPv4 Multicast Table	115
Chapter 9 QoS	117
9.1 DiffServ	120
9.1.1 Port Priority	120
9.1.2 Schedule Mode	121
9.1.3 802.1P Priority	122
9.1.4 DSCP Priority	123
9.2 Bandwidth Control	124
9.2.1 Rate Limit	124
9.2.2 Storm Control	125
9.3 Voice VLAN	126
9.3.1 Global Config	129
9.3.2 Port Config	129
9.3.3 OUI Config	131
Chapter 10 PoE	133
10.1 PoE Config	133
10.1.1 PoE Config	134
10.1.2 PoE Profile	135
10.2 Time-Range	136
10.2.1 Time-Range Summary	136
10.2.2 Time-Range Create	137
10.2.3 Holiday Config	138
Chapter 11 ACL	140
11.1 ACL Config	140
11.1.1 ACL Summary	140
11.1.2 ACL Create	140
11.1.3 MAC ACL	141
11.1.4 Standard-IP ACL	142
11.1.5 Extend-IP ACL	142
11.2 Policy Config	143
11.2.1 Policy Summary	144
11.2.2 Policy Create	144
11.2.3 Action Create	144
11.3 ACL Binding	145
11.3.1 Binding Table	145
11.3.2 Port Binding	146
11.3.3 VLAN Binding	147
11.4 Policy Binding	148
11.4.1 Binding Table	148
11.4.2 Port Binding	149
11.4.3 VLAN Binding	150
11.5 Application Example for ACL	151
Chapter 12 Network Security	153
12.1 IP-MAC Binding	153
12.1.1 Binding Table	153
12.1.2 Manual Binding	154
12.1.3 ARP Scanning	156
12.2 DHCP Snooping	157
12.2.1 Global Config	161
12.2.2 Port Config	161
12.2.3 Option 82 Config	162
12.3 ARP Inspection	163
12.3.1 ARP Detect	166
12.3.2 ARP Defend	168
12.3.3 ARP Statistics	168
12.4 DoS Defend	169
12.4.1 DoS Defend	170
12.5 802.1X	171
12.5.1 Global Config	175
12.5.2 Port Config	176
12.6 AAA	178
12.6.1 Global Config	179
12.6.2 Privilege Elevation	179
12.6.3 RADIUS Server Config	180
12.6.4 TACACS+ Server Config	180
12.6.5 Authentication Server Group Config	181
12.6.6 Authentication Method List Config	182
12.6.7 Application Authentication List Config	184
12.6.8 802.1X Authentication Server Config	184
12.6.9 Default Settings	185
Chapter 13 SNMP	186
13.1 SNMP Config	188
13.1.1 Global Config	188
13.1.2 SNMP View	189
13.1.3 SNMP Group	190
13.1.4 SNMP User	192
13.1.5 SNMP Community	193
13.2 Notification	196
13.3 RMON	197
13.3.1 Statistics	198
13.3.2 History	199
13.3.3 Event	200
13.3.4 Alarm	201
Chapter 14 LLDP	203
14.1 Basic Config	208
14.1.1 Global Config	208
14.1.2 Port Config	209
14.2 Device Info	210
14.2.1 Local Info	210
14.2.2 Neighbor Info	212
14.3 Device Statistics	213
14.4 LLDP-MED	214
14.4.1 Global Config	215
14.4.2 Port Config	216
14.4.3 Local Info	217
14.4.4 Neighbor Info	218
Chapter 15 Maintenance	220
15.1 System Monitor	220
15.1.1 CPU Monitor	220
15.1.2 Memory Monitor	221
15.2 Log	222
15.2.1 Log Table	223
15.2.2 Local Log	224
15.2.3 Remote Log	224
15.2.4 Backup Log	225
15.3 Device Diagnostics	226
15.3.1 Cable Test	226
15.4 Network Diagnostics	227
15.4.1 Ping	227
15.4.2 Tracert	228
Appendix A: Specifications	229

Match case Limit results 1 per page

170

local switch denies the user’s access, the authentication process stops and no other

authentication methods are attempted.



802.1X Authentication

802.1X protocol uses the RADIUS to provide detailed accounting information and flexible

administrative control over authentication process. The Dot1x List feature defines the RADIUS

server groups in the 802.1X authentication.



RADIUS/TACACS+ Server

Users can configure the RADIUS/TACACS+ servers for the connection between the switch and

the server.



Server Group

Users can define the authentication server group with up to several servers running the same

secure protocols, either RADIUS or TACACS+. Users can set these servers in a preferable order,

which is called the server group list. When a user tries to access the switch, the switch will ask the

first server in the server group list for authentication. If no response is received, the second server

will be queried, and so on.

The switch has two built-in authentication server group, one for RADIUS and the other for

TACACS+. These two server groups cannot be deleted, and the user-defined RADIUS/TACACS+

server will join these two server groups automatically.

12.6.1

Global Config

This page is used to enable/disable the AAA function globally.

Choose the menu

Network Security

→

AAA

→

Global Conifg

to load the following page.

Figure 12-24 AAA Global Config



Configuration Procedure

Click Enable to enable the AAA function globally.

12.6.2

Privilege Elevation

This page is used to elevate the current logged-in user from guest to admin and gain administrator

level privileges. The authentication password is possibly authenticated in RADIUS/TACACS+

servers, user-defined server groups or local on the switch.

Choose the menu

Network Security

→

AAA

→

Global Conifg

to load the following page.

Figure 12-25 Privilege Elevate



Configuration Procedure

Enter the Enable Password and click Enable button to elevate the current logged-in user from

guest to admin. Only admin users can configure the following AAA settings.