Home » TP-Link Manuals » Hubs & Switches » TP-Link T1700G-28TQ » Manual Viewer

TP-Link T1700G-28TQ T1700G-28TQ V1 CLI Reference Guide - Page 115

radius

View all TP-Link T1700G-28TQ manuals

Add to My Manuals
Save this manual to your list of manuals

Page 115 highlights

port-based: All the clients connected to the port can access the network on the condition that any one of the clients has passed the 802.1X Authentication. Command Mode Interface Configuration Mode (interface gigabitEthernet / interface range gigabitEthernet / interface ten-gigabitEthernet / interface range ten-gigabitEthernet) Example Configure the Control Type for Gigabit Ethernet port 1/0/20 as "port-based": T1700G-28TQ(config)#interface gigabitEthernet 1/0/20 T1700G-28TQ(config-if)#dot1x port-method port-based 16.12 radius Description The radius command is used to configure the parameters of radius. Syntax radius { [auth-pri ip] [auth-sec ip] [auth-port port] [acct-pri ip] [acct-sec ip] [acct-port port] [auth-key { [ 0 ] password | 7 encrypted-password } ] [acct-key { [ 0 ] password | 7 encrypted-password } ] } no radius { auth-port | auth-key | auth-pri | auth-sec | acct-port | acct-key | acct-pri | acct-sec } Parameter auth-pri ip -- The IP address of the authentication server. auth-sec ip -- The IP address of the alternative authentication server. auth-port port --The UDP port of authentication server(s) ranging from 1 to 65535. The default value is 1812. acct-pri ip -- The IP address of the accounting server. acct-sec ip -- The IP address of the alternative accounting server. acct-port port -- The UDP port of accounting server(s) ranging from 1 to 65535. The default value is 1813. auth-key { [ 0 ] password | 7 encrypted-password } -- 0 and 7 are the encryption type. 0 indicates that an unencrypted password will follow. 7 indicates that a symmetric encrypted password with a fixed length will follow. By default, the encryption type is 0. "password" is the shared password for the 101

Section	Page
Preface	15
Chapter 1 Using the CLI	18
1.1 Accessing the CLI	18
1.1.1 Logon by Telnet	18
1.1.2 Logon by SSH	19
1.2 CLI Command Modes	24
1.3 Security Levels	27
1.4 Conventions	28
1.4.1 Format Conventions	28
1.4.2 Special Characters	28
1.4.3 Parameter Format	28
Chapter 2 User Interface	29
2.1 enable	29
2.2 service password-encryption	29
2.3 enable password	30
2.4 enable secret	31
2.5 configure	32
2.6 exit	32
2.7 end	32
2.8 show history	33
2.9 clear history	33
Chapter 3 Stack	35
3.1 switch priority	35
3.2 switch renumber	35
3.3 switch stack-port	36
3.4 switch provision	37
3.5 show switch	37
Chapter 4 IEEE 802.1Q VLAN Commands	39
4.1 vlan	39
4.2 interface vlan	39
4.3 name	40
4.4 switchport general allowed vlan	40
4.5 switchport pvid	41
4.6 show vlan summary	42
4.7 show vlan brief	42
4.8 show vlan	42
4.9 show interface switchport	43
Chapter 5 MAC-based VLAN Commands	44
5.1 mac-vlan mac-address	44
5.2 mac-vlan	44
5.3 show mac-vlan	45
5.4 show mac-vlan interface	46
Chapter 6 Protocol VLAN Commands	47
6.1 protocol-vlan template	47
6.2 protocol-vlan vlan	48
6.3 protocol-vlan	48
6.4 show protocol-vlan template	49
6.5 show protocol-vlan vlan	49
Chapter 7 Voice VLAN Commands	51
7.1 voice vlan	51
7.2 voice vlan aging	51
7.3 voice vlan priority	52
7.4 voice vlan mac-address	52
7.5 switchport voice vlan mode	53
7.6 switchport voice vlan security	54
7.7 show voice vlan	54
7.8 show voice vlan oui	55
7.9 show voice vlan switchport	55
Chapter 8 Etherchannel Commands	57
8.1 channel-group	57
8.2 port-channel load-balance	58
8.3 lacp system-priority	59
8.4 lacp port-priority	59
8.5 show etherchannel	60
8.6 show etherchannel load-balance	60
8.7 show lacp	61
8.8 show lacp sys-id	61
Chapter 9 User Management Commands	63
9.1 user name (password)	63
9.2 user name (secret)	64
9.3 user access-control ip-based	65
9.4 user access-control mac-based	66
9.5 user access-control port-based	66
9.6 telnet	67
9.7 show user account-list	68
9.8 show user configuration	68
9.9 show telnet-status	69
Chapter 10 HTTP and HTTPS Commands	70
10.1 ip http server	70
10.2 ip http max-users	70
10.3 ip http session timeout	71
10.4 ip http secure-server	72
10.5 ip http secure-protocol	72
10.6 ip http secure-ciphersuite	73
10.7 ip http secure-max-users	73
10.8 ip http secure-session timeout	74
10.9 ip http secure-server download certificate	75
10.10 ip http secure-server download key	75
10.11 show ip http configuration	76
10.12 show ip http secure-server	77
Chapter 11 Binding Table Commands	78
11.1 ip source binding	78
11.2 ip dhcp snooping	79
11.3 ip dhcp snooping vlan	80
11.4 ip dhcp snooping information option	80
11.5 ip dhcp snooping information strategy	81
11.6 ip dhcp snooping information remote-id	81
11.7 ip dhcp snooping information circuit-id	82
11.8 ip dhcp snooping trust	83
11.9 ip dhcp snooping mac-verify	83
11.10 ip dhcp snooping limit rate	84
11.11 ip dhcp snooping decline rate	85
11.12 show ip source binding	85
11.13 show ip dhcp snooping	86
11.14 show ip dhcp snooping interface	86
Chapter 12 ARP Inspection Commands	88
12.1 ip arp inspection(global)	88
12.2 ip arp inspection trust	88
12.3 ip arp inspection(interface)	89
12.4 ip arp inspection limit-rate	89
12.5 ip arp inspection recover	90
12.6 show ip arp inspection	91
12.7 show ip arp inspection interface	91
12.8 show ip arp inspection statistics	92
12.9 clear ip arp inspection statistics	92
Chapter 13 DoS Defend Commands	93
13.1 ip dos-prevent	93
13.2 ip dos-prevent type	93
13.3 show ip dos-prevent	94
Chapter 14 System Log Commands	95
14.1 logging buffer	95
14.2 logging buffer level	95
14.3 logging file flash	96
14.4 logging file flash frequency	97
14.5 logging file flash level	97
14.6 logging host index	98
14.7 logging monitor	99
14.8 logging monitor level	99
14.9 clear logging	100
14.10 show logging local-config	100
14.11 show logging loghost	101
14.12 show logging buffer	101
14.13 show logging flash	102
Chapter 15 SSH Commands	103
15.1 ip ssh server	103
15.2 ip ssh version	103
15.3 ip ssh algorithm	104
15.4 ip ssh timeout	104
15.5 ip ssh max-client	105
15.6 ip ssh download	105
15.7 remove public-key	106
15.8 show ip ssh	107
Chapter 16 IEEE 802.1X Commands	108
16.1 dot1x system-auth-control	108
16.2 dot1x handshake	108
16.3 dot1x auth-method	109
16.4 dot1x guest-vlan(global)	110
16.5 dot1x quiet-period	110
16.6 dot1x timeout	111
16.7 dot1x max-reauth-req	112
16.8 dot1x	112
16.9 dot1x guest-vlan(interface)	113
16.10 dot1x port-control	113
16.11 dot1x port-method	114
16.12 radius	115
16.13 radius server-account	116
16.14 show dot1x global	117
16.15 show dot1x interface	117
16.16 show radius accounting	118
16.17 show radius authentication	118
Chapter 17 MAC Address Commands	119
17.1 mac address-table static	119
17.2 mac address-table aging-time	120
17.3 mac address-table filtering	120
17.4 mac address-table max-mac-count	121
17.5 show mac address-table	122
17.6 show mac address-table aging-time	123
17.7 show mac address-table max-mac-count	123
17.8 show mac address-table interface	124
17.9 show mac address-table count	124
17.10 show mac address-table address	125
17.11 show mac address-table vlan	125
Chapter 18 System Configuration Commands	126
18.1 system-time manual	126
18.2 system-time ntp	126
18.3 system-time dst predefined	128
18.4 system-time dst date	129
18.5 system-time dst recurring	130
18.6 hostname	131
18.7 location	131
18.8 contact-info	132
18.9 ip address	132
18.10 ip address-alloc	133
18.11 reset	134
18.12 reboot	134
18.13 copy running-config startup-config	135
18.14 copy startup-config tftp	135
18.15 copy tftp startup-config	136
18.16 boot application	137
18.17 remove backup-image	137
18.18 firmware upgrade	138
18.19 ping	139
18.20 tracert	140
18.21 show system-info	141
18.22 show image-info	141
18.23 show boot	141
18.24 show running-config	142
18.25 show startup-config	142
18.26 show system-time	143
18.27 show system-time dst	143
18.28 show system-time ntp	143
18.29 show cable-diagnostics interface gigabitEthernet	144
18.30 show cpu-utilization	144
18.31 show memory-utilization	145
Chapter 19 IPv6 Address Configuration Commands	146
19.1 ipv6 enable	146
19.2 ipv6 address autoconfig	146
19.3 ipv6 address link-local	147
19.4 ipv6 address dhcp	147
19.5 ipv6 address ra	148
19.6 ipv6 address eui-64	149
19.7 ipv6 address	149
19.8 show ipv6 interface	150
Chapter 20 Ethernet Configuration Commands	151
20.1 interface gigabitEthernet	151
20.2 interface range gigabitEthernet	151
20.3 interface ten-gigabitEthernet	152
20.4 interface range ten-gigabitEthernet	152
20.5 description	153
20.6 shutdown	154
20.7 flow-control	154
20.8 duplex	155
20.9 jumbo	155
20.10 speed	156
20.11 storm-control pps	157
20.12 storm-control	157
20.13 bandwidth	158
20.14 clear counters	159
20.15 show interface status	159
20.16 show interface counters	160
20.17 show interface configuration	160
20.18 show storm-control	161
20.19 show bandwidth	162
Chapter 21 QoS Commands	163
21.1 qos	163
21.2 qos dscp	163
21.3 qos queue cos-map	164
21.4 qos queue dscp-map	165
21.5 qos queue mode	166
21.6 qos queue weight	167
21.7 show qos interface	168
21.8 show qos cos-map	169
21.9 show qos dscp-map	169
21.10 show qos queue mode	169
21.11 show qos status	170
Chapter 22 Port Mirror Commands	171
22.1 monitor session destination interface	171
22.2 monitor session source interface	172
22.3 show monitor session	173
Chapter 23 Port Isolation Commands	174
23.1 port isolation	174
23.2 show port isolation interface	175
Chapter 24 Loopback Detection Commands	176
24.1 loopback-detection(global)	176
24.2 loopback-detection interval	176
24.3 loopback-detection recovery-time	177
24.4 loopback-detection(interface)	177
24.5 loopback-detection config	178
24.6 loopback-detection recover	179
24.7 show loopback-detection global	179
24.8 show loopback-detection interface	180
Chapter 25 ACL Commands	181
25.1 access-list create	181
25.2 mac access-list	181
25.3 access-list standard	182
25.4 access-list extended	183
25.5 rule	184
25.6 access-list policy name	185
25.7 access-list policy action	185
25.8 access-list bind acl	186
25.9 access-list bind(interface)	186
25.10 access-list bind(vlan)	187
25.11 show access-list	187
25.12 show access-list policy	188
25.13 show access-list bind	188
Chapter 26 MSTP Commands	189
26.1 debug spanning-tree	189
26.2 spanning-tree(global)	190
26.3 spanning-tree(interface)	190
26.4 spanning-tree common-config	191
26.5 spanning-tree mode	192
26.6 spanning-tree mst configuration	192
26.7 instance	193
26.8 name	194
26.9 revision	194
26.10 spanning-tree mst instance	195
26.11 spanning-tree mst	195
26.12 spanning-tree priority	196
26.13 spanning-tree tc-defend	197
26.14 spanning-tree timer	197
26.15 spanning-tree hold-count	198
26.16 spanning-tree max-hops	199
26.17 spanning-tree bpdufilter	199
26.18 spanning-tree bpduguard	200
26.19 spanning-tree guard loop	200
26.20 spanning-tree guard root	201
26.21 spanning-tree guard tc	201
26.22 spanning-tree mcheck	202
26.23 show spanning-tree active	203
26.24 show spanning-tree bridge	203
26.25 show spanning-tree interface	203
26.26 show spanning-tree interface-security	204
26.27 show spanning-tree mst	205
Chapter 27 IGMP Snooping Commands	206
27.1 ip igmp snooping(global)	206
27.2 ip igmp snooping(interface)	206
27.3 ip igmp snooping rtime	207
27.4 ip igmp snooping mtime	207
27.5 ip igmp snooping report-suppression	208
27.6 ip igmp snooping immediate-leave	208
27.7 ip igmp snooping drop-unknown	209
27.8 ip igmp snooping last-listener query-inteval	209
27.9 ip igmp snooping last-listener query-count	210
27.10 ip igmp snooping vlan-config	210
27.11 ip igmp snooping multi-vlan-config	212
27.12 ip igmp snooping querier vlan	213
27.13 ip igmp snooping querier vlan (general query)	213
27.14 ip igmp snooping max-groups	214
27.15 ip igmp profile	215
27.16 deny	216
27.17 permit	216
27.18 range	216
27.19 ip igmp filter	217
27.20 clear ip igmp snooping statistics	218
27.21 show ip igmp snooping	218
27.22 show ip igmp snooping interface	218
27.23 show ip igmp snooping vlan	219
27.24 show ip igmp snooping multi-vlan	220
27.25 show ip igmp snooping groups	220
27.26 show ip igmp snooping querier	221
27.27 show ip igmp profile	222
Chapter 28 MLD Snooping Commands	223
28.1 ipv6 mld snooping(global)	223
28.2 ipv6 mld snooping(interface)	223
28.3 ipv6 mld snooping rtime	224
28.4 ipv6 mld snooping mtime	224
28.5 ipv6 mld snooping report-suppression	225
28.6 ipv6 mld snooping immediate-leave	225
28.7 ipv6 mld snooping drop-unknown	226
28.8 ipv6 mld snooping last-listener query-inteval	226
28.9 ipv6 mld snooping last-listener query-count	227
28.10 ipv6 mld snooping vlan-config	227
28.11 ipv6 mld snooping multi-vlan-config	228
28.12 ipv6 mld snooping querier vlan	230
28.13 ipv6 mld snooping querier vlan (general query)	230
28.14 ipv6 mld snooping max-groups	231
28.15 ipv6 mld profile	232
28.16 deny	233
28.17 permit	233
28.18 range	233
28.19 ipv6 mld filter	234
28.20 clear ipv6 mld snooping statistics	235
28.21 show ipv6 mld snooping	235
28.22 show ipv6 mld snooping interface	235
28.23 show ipv6 mld snooping vlan	236
28.24 show ipv6 mld snooping multi-vlan	237
28.25 show ipv6 mld snooping groups	237
28.26 show ipv6 mld snooping querier	238
28.27 show ipv6 mld profile	238
Chapter 29 SNMP Commands	239
29.1 snmp-server	239
29.2 snmp-server view	239
29.3 snmp-server group	240
29.4 snmp-server user	241
29.5 snmp-server community	243
29.6 snmp-server host	243
29.7 snmp-server engineID	245
29.8 snmp-server traps snmp	246
29.9 snmp-server traps link-status	247
29.10 snmp-server traps	247
29.11 snmp-server traps mac	248
29.12 snmp-server traps vlan	249
29.13 rmon history	250
29.14 rmon event	251
29.15 rmon alarm	252
29.16 rmon statistics	253
29.17 show snmp-server	254
29.18 show snmp-server view	254
29.19 show snmp-server group	255
29.20 show snmp-server user	255
29.21 show snmp-server community	255
29.22 show snmp-server host	256
29.23 show snmp-server engineID	256
29.24 show rmon history	257
29.25 show rmon event	257
29.26 show rmon alarm	258
29.27 show rmon statistics	258
Chapter 30 ARP Commands	259
30.1 arp	259
30.2 clear arp-cache	259
30.3 arp timeout	260
30.4 show arp	260
30.5 show ip arp (interface)	261
30.6 show ip arp summary	261
Chapter 31 Static Routes Commands	263
31.1 interface vlan	263
31.2 interface loopback	263
31.3 switchport	264
31.4 shutdown	264
31.5 ip route	265
31.6 description	265
31.7 show interface vlan	266
31.8 show ip interface	266
31.9 show ip interface brief	267
31.10 show ip route	267
31.11 show ip route specify	268

Match case Limit results 1 per page

101

port-based: All the clients connected to the port can access the network on the

condition that any one of the clients has passed the 802.1X Authentication.

Command Mode

Interface Configuration Mode (interface gigabitEthernet / interface range

gigabitEthernet

interface

ten-gigabitEthernet

interface

range

ten-gigabitEthernet)

Example

Configure the Control Type for Gigabit Ethernet port 1/0/20 as “port-based”:

T1700G-28TQ(config)#interface gigabitEthernet

1/0/20

T1700G-28TQ(config-if)#dot1x port-method

port-based

16.12

radius

Description

The

radius

command is used to configure the parameters of radius.

Syntax

radius

{ [

auth-pri

] [

auth-sec

] [

auth-port

port

] [

acct-pri

] [

acct-sec

]

[

acct-port

port

] [

auth-key

{ [ 0 ]

password

| 7

encrypted-password

} ] [

acct-key

{ [ 0 ]

password

| 7

encrypted-password

} ] }

no radius

{ auth-port | auth-key | auth-pri | auth-sec | acct-port | acct-key |

acct-pri | acct-sec }

Parameter

auth-pri

—— The IP address of the authentication server.

auth-sec

—— The IP address of the alternative authentication server.

auth-port

port

——The UDP port of authentication server(s) ranging from 1 to

65535. The default value is 1812.

acct-pri

—— The IP address of the accounting server.

acct-sec

—— The IP address of the alternative accounting server.

acct-port

port

—— The UDP port of accounting server(s) ranging from 1 to

65535. The default value is 1813.

auth-key

{ [ 0 ]

password

| 7

encrypted-password

}

—— 0 and 7 are the

encryption type. 0 indicates that an unencrypted password will follow. 7

indicates that a symmetric encrypted password with a fixed length will follow. By

default, the encryption type is 0. “

password

“

the shared password for the