TP-Link TL-SL3428, TL-SL3452, TL-SG3109 manual Defining TACACS+ Host Settings, Session is permitted

Page 34

session is permitted.

2.Define the Console, Telnet, and Secure Telnet (SSH) fields.

3.Map the authentication method in the Secure HTTP selection box.

4.Map the authentication method in the HTTP selection box.

5.Click . The authentication mapping is saved, and the device is updated.

5.1.1.5 Defining TACACS+ Host Settings

Terminal Access Controller Access Control System (TACACS+) provides centralized security user access validation. The system supports up-to 4 TACACS+ servers.

TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services:

Authentication — Provides authentication during login and via user names and user-defined passwords.

Authorization — Performed at login. Once the authentication session is completed, an authorization session starts using the authenticated user name.

The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and TACACS+ server.

Note:

The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ servers.

To define TACACS+ authentication settings:

1.Click Security > Management Security > Authentication > TACACS+. The TACACS+ Page opens:

Figure 33: TACACS+ Page

The Default Parameters section contains the following fields:

Source IP Address — Defines the default device source IP address used for the TACACS+ session between the device and the TACACS+ server.

Key String (1-128 Characters) — Defines the authentication and encryption key for TACACS+

communications between the device and the TACACS+ server. This key must match the encryption used on the TACACS+ server.

Timeout for Reply — Defines the default time that passes before the connection between the device and the TACACS+ times out. The default is 5.

The TACACS+ Page also contains the following fields:

Host IP Address — Defines the TACACS+ Server IP address.

Priority — Defines the order in which the TACACS+ servers are used. The field range is 0-65535. The default is 0.

Source IP Address — Defines the device source IP address used for the TACACS+ session between the device and the TACACS+ server.

Authentication Port (0-65535)— Defines the port number via which the TACACS+ session occurs. The default port is port 49.

2 7

Image 34
Contents Embedded Web System User Guide Copyright & Trademarks FCC Statement Table of Contents Defining Authentication Profiles Configuring Authentication MethodsDefining Access Profiles Mapping Authentication ProfilesConfiguring Multicast Forwarding Configuring GarpConfiguring the Classic STP Defining STP Properties Defining GvrpConfiguration Download Basic QoS ModeAdvanced QoS Mode Configuration UploadViewing Statistics GlossaryPreface Guide OverviewIntended Audience Getting Started Starting the TP-Link Embedded Web InterfaceClick . The TP-Link Embedded Web Interface Home Page opens Understanding the TP-Link Embedded Web InterfaceInterface Components Device Representation Using the TP-Link Embedded Web Interface Management ButtonsTP-Link Web Interface Configuration Management Buttons TP-Link Web Interface Information ButtonsAdding Configuration Information Using Screen and Table OptionsDeleting Configuration Information Modifying Configuration InformationLogging Off from the Device Resetting the DeviceClick System General Reset. The Reset Page opens Click . a confirmation message is displayedDefining Device Information System DescriptionSetting the System Time Configuring Daylight Savings TimeSystem Information Time Recurring Daylight SavingsDefine the Date, Local Time and Time Zone Offset fields Polling for Unicast Time Information Configuring SntpSntp Overview Polling for Anycast Time InformationConfiguring Sntp Authentication Defining Sntp Global SettingsSntp Properties Page contains the following fields Check the Enable Sntp Authentication checkbox To configure Sntp authenticationSntp Authentication Page contains the following fields Click . The Add Sntp Authentication Page opensSntp Servers Page contains the following fields Defining Sntp Interface SettingsClick . The Sntp Server is added, and the device is updated Click . The Add Sntp Server Page opensClick . The Add Sntp Interface Page opens Sntp Interface Settings Page contains the following fieldsCheck the Receive Server Updates option Select the InterfaceFollowing table lists the log severity levels Configuring System LogsDefining General Log Properties System Log Severity LevelsViewing Flash Logs Viewing Memory Logs Severity To view Flash memory logs Defining System Log ServersClick . The Add Syslog Server Page opens Click . The Log server is defined and the device is updated Add Syslog ServerConfiguring Authentication Methods Configuring Device SecurityConfiguring Management Security Defining Access ProfilesAccess Profile Click . The Add Access Profile Page opensDefining Profile Rules Profile RulesClick . The Profile Rule Settings Page opens Defining Authentication ProfilesAuthentication Profiles Page provides the following Click . The Authentication Profile Settings Page opens Mapping Authentication ProfilesClick . The Add Authentication Profile Page opens Define the Profile Method and enter the Profile Name fieldsAuthentication Mapping Authentication Mapping Page contains the following fieldsSession is permitted Defining TACACS+ Host SettingsTo define TACACS+ authentication settings Define the Console, Telnet, and Secure Telnet SSH fieldsClick . The Add TACACS+ Host Page opens Defining Radius Server SettingsClick . The TACACS+ Host Settings Page opens Select TACACS+ server entryRadius Click . The Add Radius Server Page opensDefining Local Users Configuring PasswordsClick . The Radius Server Settings Page opens Click . The Add Local User Page opensDefining Enable Passwords Configuring Network SecurityDefining Line Passwords Line Password Page contains the following fieldsAdvanced Port-Based Authentication Defining Network Authentication PropertiesPort-Based Authentication Network Security OverviewDefining Port Authentication Properties Port Authentication Page contains the following fieldsConfiguring Multiple Hosts Click . The Port Authentication Settings Page opensClick . The Multiple Host Settings Page opens Defining Authentication HostsTo define authenticated users Configuring Traffic Control Managing Port SecurityClick . The Port Security Settings Page opens Enabling Storm ControlStorm Control Cast B, cast M tbd Cast M, cast tbd Cast tbdDefining IP Addresses Defining IP AddressesDefining IP Addressing Click . The Add IP Interface Page opensEnter the name of the User Defined Default Gateway Defining the Default GatewayClick . The IP Interface Settings Page opens Defining Dhcp AddressesTo define ARP Defining ARPARP Page contains the following fields DNS Server Page contains the following fields Defining Domain Name SystemDefining DNS Servers  Type Displays the IP address type. The possibleConfiguring Host Mapping Host Mapping Page contains the following fieldsAdd DNS Host Enter the Host Name and IP AddressConfiguring Interfaces Configuring PortsInterface Configuration Settings Click . The parameters are saved, and the device is updatedDefining LAG Members Configuring LAGsClick . The LAG Membership Settings Page opens To define LAG membersClick . The Lacp Parameters Settings Page opens Configuring LacpLAG Membership Settings Page contains the following fields Lacp Parameters Page contains the following fieldsDefine the Port Priority and Lacp Timeout settings Configuring VLANsDefining Vlan Properties Vlan Member Properties Page contains the following fields Modify the Vlan Name and Disable Authentication fieldsDefining Vlan Membership Click . The Vlan properties are savedTo define Vlan membership Defining Vlan Interface SettingsVlan Interface Settings Page contains the following fields Vlan Member Membership Page contains the following fieldsClick . The Vlan / LAG Interface Settings Page opens Configuring GarpDefining Garp Garp Parameters Page contains the following fields Defining GvrpTo define Gvrp on the device Gvrp Parameters Configuring Static Addresses Forwarding Database Static AddressesTo define the dynamic forwarding addresses Configuring Dynamic Forwarding AddressesClick . The Add Forwarding Database Page opens  Clear Table Clears the Current Address TableSelect the Interface, the MAC Address, and the Vlan ID Select an Address Table Sort KeyClick System Bridging Info Spanning Tree STP Configuring the Classic STPDefining STP Properties Properties. The STP Properties Page opensDefining STP Interface Settings Complete the Spanning Tree State and Bridge Settings fieldsClick . The STP Interface Settings Page opens STP Interface Settings Page contains the following fieldsClick the STP enable checkbox Define the fields Configuring the Rapid STP RstpClick . The Rstp Settings Page opens Configuring the Multiple STPDefining Mstp Properties Click . The device information is updated Configuring Mstp InstancesDefine the Region Name, Revision and Max Hops fields Mstp Vlan Instance Configuration Page opens Configuring Mstp Vlan InstancesConfiguring Mstp Interface Settings Mstp Interface Settings Page contains the following fieldsMstp Interface Settings Modify the Port Priority and Path CostConfiguring Multicast Forwarding Igmp Snooping Page contains the following fieldsDefining Multicast Bridging Groups Click the Enable Igmp Snooping Status checkboxClick . The Multicast Global Parameters Settings Page opens To define multicast groupsMulticast group statically in the Current Row Igmp Port/LAG Members Table Control SettingsClick . The Multicast Group Settings Page opens Join a Multicast groupMulticast Forward All Page contains the following fields Port is not attached to a Multicast router or switchDefining Multicast Forward All Parameters ForbiddenSnmp Snmp v1 and v2cDefining Snmp Security Defining Snmp Views Define the Local Engine ID and Use Default fieldsDefining Snmp Global Parameters Snmp Security Views Page contains the following fieldsDefining Snmp Group Profiles Click . The Add Snmp View Page opensDefining Snmp Group Members Click . The Snmp Group Profile Settings Page opensClick . The Add Snmp Group Profile Page opens Membership Page, The Add Snmp Group Membership Click . The Snmp Group Membership Settings Page opensAddition to the fields in the Snmp Security Group Contains the following fieldsSnmp Communities Advanced Table Defining Snmp CommunitiesSnmp Communities Basic Table Snmp Security Communities Page is divided intoDefining Snmp Notification Properties Configuring Snmp Notification SettingsDevice is updated To modify Snmp Group Membership settings Defining Notification FiltersSnmp Notification FiIter Page contains the following fields Defining Notification ReceiversClick . The Add Snmp Notification Filter Page opens SNMPv3 Notification Recipient SNMPv1,2c Notification RecipientSnmp Notification Receiver Page c is divided into Click . The Snmp Notification Receiver Settings Page opens Click . The Add Snmp Notification Receiver Page opensQuality of Service Overview Configuring Quality of ServiceMapping to Queues Dscp Default Mapping Table Following table contains the VPT to Queue default settingsVPT Default Mapping Table QoS ModesBasic QoS Mode Enabling Quality of ServiceEnabling Quality of Service Advanced QoS ModeCoS Settings Defining QueuesMapping QoS Values to Queues Mapping QueuesMapping CoS Values to Queues  SchedulingDscp to Queue Download Type Managing System FilesDownloading System Files To download system filesFirmware Download Configuration DownloadUploading System Files Upload TypeCopying System Files Configuration UploadActivating Image Files Software Image UploadSelect Copy Configuration Select Restore Configuration Factory DefaultsPerforming Device Diagnostics Configuring Port MirroringViewing Integrated Cable Tests To modify port mirroring settingsClick . The Port Mirroring Settings Page opens Click the Remove checkbox for selected item, and clickViewing Optical Transceivers Optical Transceivers Page contains the following fieldsViewing Device Interface Statistics Viewing StatisticsViewing Interface Statistics Interface Statistics Page contains the following fieldsClick . The interface statistics counters are cleared Viewing Etherlike StatisticsOpen the Interface Statistics Etherlike Statistics Page contains the following fieldsViewing Gvrp Statistics Open the Etherlike StatisticsOpen the Gvrp Statistics Managing Rmon StatisticsViewing EAP Statistics Click . The Gvrp interface statistics counters are clearedViewing Rmon Statistics  Configuring Rmon History  Defining Rmon AlarmsRmon Statistics Page contains the following fields Open the Rmon Statistics Configuring Rmon HistoryDefining Rmon History Control Rmon History Control Page contains the following fieldsViewing the Rmon History Table Rmon History Table Page contains the following fieldsRmon Events Control Page contains the following fields Configuring Rmon EventsDefining Rmon Events Control Click . The Add Rmon Event User Page opensViewing the Rmon Events Logs Defining Rmon AlarmsClick System Statistics Rmon Events. To modify an Rmon alarm user Click . The Add Rmon Alarm User Page opensClick . The Edit Rmon Alarm User Page opens 103 Glossary Class of Service Boot VersionBootP BackplaneCollision Duplex ModeClient Combo PortFlow Control EthernetFlapping FragmentEEE 802.1q Ieee 802.1dIeee 802.1p Image FileProcess Authenticates the origin of the communicationLimited geographical area Processing, as there is more information to processPolicing NodePacket PortRunning Configuration RJ-11 ConnectorRJ-45 Connector Stand-alone ModeTrap Subnet MaskTelnet Trunking71035590
Related manuals
Manual 32 pages 61.46 Kb Manual 32 pages 10.85 Kb

TL-SG3109, TL-SL3428, TL-SL3452 specifications

The TP-Link TL-SL3428 is a feature-rich Ethernet switch designed for small to medium-sized business environments. It is part of TP-Link’s JetStream series, which emphasizes reliability, performance, and robust management capabilities. Built with 28 10/100/1000 Mbps ports, the TL-SL3428 provides sufficient bandwidth to support a wide range of network applications.

One of the standout features of the TL-SL3428 is its support for Layer 2 management protocols. This allows for more granular control and optimized performance across network segments. The switch supports VLAN (Virtual Local Area Network) segmentation, which enhances network security and efficiency by isolating various types of traffic. This feature is particularly useful in larger organizations where different departments or teams may require separate network environments.

The TL-SL3428 also includes advanced QoS (Quality of Service) capabilities. This functionality prioritizes traffic based on predefined rules, which ensures that critical applications receive the necessary bandwidth to function optimally. With QoS implementation, users can experience minimized latency, leading to better performance in VoIP and video conferencing applications.

In terms of redundancy and reliability, the switch also supports Link Aggregation Control Protocol (LACP), enabling multiple connections to be combined for increased bandwidth and failover support. This feature significantly enhances network resilience, ensuring minimal downtime during failures.

Power over Ethernet (PoE) support is another important characteristic of the TL-SL3428. With PoE capabilities, this switch can deliver electrical power along with data over the same Ethernet cable, simplifying installation and reducing the need for additional wiring. This is especially advantageous for IP devices like cameras, access points, and VoIP phones.

Security features are abundant in the TL-SL3428 as well. It implements port security, storm control, and DHCP snooping, all of which contribute to a secure network infrastructure. The switch’s management capabilities can be accessed through a user-friendly web interface, making it easier for IT administrators to configure and monitor network activities.

Overall, the TP-Link TL-SL3428 is an exemplary choice for businesses looking to enhance their network performance with advanced management features, security protocols, and reliability. Its combination of speed, flexibility, and manageability make it a valuable tool for any growing organization.