¾ Global Config, ¾ Certificate Download | TP-Link TL-SG2008 specs

default the switch has a certificate (self-signed certificate) and a corresponding private key. The Certificate/Key Download function enables the user to replace the default key pair.

After SSL is effective, you can log on to the Web management page via https://192.168.0.1. For the first time you use HTTPS connection to log into the switch with the default certificate, you will be prompted that “The security certificate presented by this website was not issued by a trusted certificate authority” or “Certificate Errors”. Please add this certificate to trusted certificates or continue to this website.

On this page you can configure the SSL function.

Choose the menu System→Access Security→SSL Config to load the following page.

Figure 4-16 SSL Config

The following entries are displayed on this screen:

¾Global Config

SSL:	Select Enable/Disable the SSL function on the switch.

¾Certificate Download

Certificate File: Select the desired certificate to download to the switch. The

certificate must be BASE64 encoded.

¾Key Download

Key File:	Select the desired SSL key to download to the switch. The key
	must be BASE64 encoded.

Note:

1.The SSL certificate and key downloaded must match each other; otherwise the HTTPS connection will not work.

2.The SSL certificate and key downloaded will not take effect until the switch is rebooted.

3.To establish a secured connection using https, please enter https:// into the URL field of the browser.

21

Image 28

TP-Link TL-SG2008 manual ¾ Global Config, ¾ Certificate Download, ¾ Key Download, Key File

Contents

TL-SG2008 REV1.0.0 1910010984 Copyright & Trademarks FCC Statement Safety Information Contents Loopback Detection 100 Rmon Package Contents About this Guide Intended ReadersConventions Overview of This Guide Chapter Introduction System Appendix a Specifications Overview of the Switch Main FeaturesIntroduction Appearance Description Rear Panel ¾ LEDs Name Status Indication Login Login to the SwitchConfiguration Return to Contents System System InfoSystem Summary ¾ Port Status Device Description ¾ Port InfoStatus Displays the connection status of the port ¾ Bandwidth Utilization ¾ Device Description System Time¾ Time Info Daylight Saving Time System IP System IP Following entries are displayed on this screen User Management ¾ IP ConfigUser Table User Config Password Type in a password for users’ login¾ User Info User Status Config Restore Confirm Password Password Display ModeUser ID, Name, Access Level and status Operation System Tools Firmware Upgrade Config Backup¾ Config Backup System Reboot System Reset Access Security Access Control SSL Config IP Address & MaskMAC Address Port ¾ Global Config ¾ Certificate Download¾ Key Download Key File SSH Config Select Enable/Disable SSH function Download ¾ Configuration Procedure¾ Network Requirements Application Example 2 for SSH Page Page Return to Contents Port Config SwitchingPort Port Mirror GroupMirroring Mode Ingress NumberEgress Port Security ¾ Port Security Port Isolation Port Isolation ¾ Port Isolation Config Loopback Detection¾ Port Isolation List Forward Portlist Display the forwardlist Operation Mode LAG LAG Table ¾ LAG Table Group Number Static LAGMember Lacp Config LAG will delete this LAG Admin Key ¾ Lacp ConfigPort Priority Traffic Monitor Traffic SummaryPackets Rx Packets Tx Traffic Statistics Refresh Rate¾ Statistics Received MAC Address Bound MAC addressWay Port Address Table ¾ Search Option MAC Address Displays the MAC address learned by the switch Static Address¾ Address Table Displays the corresponding Vlan ID of the MAC address Dynamic Address ¾ Static Address Table ¾ Dynamic Address Table ¾ Aging ConfigBind Filtering Address ¾ Create Filtering Address ¾ Filtering Address Table Dhcp Filtering¾ Dhcp Working Principle 17 Network diagram of Dhcp 19 Dhcp Cheating Attack Implementation Procedure ¾ Dhcp Cheating Attack Dhcp Filtering ¾ Dhcp Filtering¾ Trusted Port Vlan 802.1Q Vlan ¾ Link Types of ports Vlan Config ¾ Pvid Give a name to the Vlan for identification NameUntagged Ports Tagged Ports ¾ Network Diagram Application Example for 802.1Q VlanUntagged Tagged Required. On VLAN→802.1Q VLAN→VLAN Config page, create a Required. On VLAN→802.1Q VLAN→VLAN Config page, configureStep Operation Description Spanning Tree ¾ STP Elements ¾ Bpdu Comparing Principle in STP mode ¾ STP Timers¾ STP Generation Step Operation Tips ： ¾ Rstp Elements ¾ Mstp Elements ¾ Port States ¾ Port Roles STP Config STP Config Forward Delay VersionHello Time Max Age Port Config STP Summary Priority ExtPathIntPath Edge Port Region Config Instance Config¾ Region Config Mstp Instance ¾ Instance Table InstanceClear ¾ VLAN-Instance Mapping Instance ID Instance Port ConfigPath Cost STP Security Port Protect ¾ Root Protect ¾ TC Protect¾ Bpdu Protect ¾ Bpdu Filter TC Protect Application Example for STP Function 11 TC Protect On Spanning Tree→STP Config→STP Config On Spanning Tree→MSTP Instance→RegionOn Spanning Tree→MSTP Instance→Instance Operation Description On Spanning Tree→STP Config→Port Config ¾ Suggestion for Configuration Multicast ¾ Multicast Overview ¾ Multicast Address ¾ Multicast Address Table Igmp Snooping Multicast IP Port¾ Igmp Snooping ¾ Igmp Snooping Process Snooping Config ¾ Igmp Snooping Fundamentals ¾ Igmp Snooping Status Description Displays Igmp Snooping status Member Igmp Snooping Fast Leave Multicast Vlan ¾ Multicast Vlan Vlan On the Multicast→IGMP Snooping→Snooping ConfigMulticast→IGMP Snooping→Multicast Vlan Snooping→Port Config Snooping→Snooping ConfigMulticast IP Multicast IP Table Static Multicast IP ¾ Create Static Multicast Multicast Filter¾ Static Multicast IP Table IP-Range Port Filter ¾ Port Filter Config Action ModeFilter Bound IP-Range ID Port Displays the port number of the switch Query Packet Packet StatisticsMulticast→Multicast Filter→IP-Range Multicast→Multicast Filter→Port Filter Return to Contents QoS ¾ Priority Mode¾ QoS ¾ Schedule Mode 802.1Q frame SP-Mode ¾ Port Priority Config DiffServPort Priority Displays the LAG number which the port belongs to ¾ 802.1P Priority Config 2 802.1P/CoS MappingRequired. On QoS→DiffServ→Port Priority ¾ Priority Level Configuration Procedure Step Operation Description ¾ Dscp Priority ConfigDscp Priority Mapping Schedule Mode ¾ Priority LevelIt ranges from 0 to Priority Level Bandwidth Control ¾ Rate Limit ConfigRate Limit Ingress Rate bps Storm ControlEgress Ratebps Voice Vlan Broadcast RateBps Mulitcast Rate ¾ Port Voice Vlan Mode ¾ Security Mode of Voice Vlan Global ConfigPacket Type Processing Mode Port Mode Enter the Vlan ID of the voice VlanAging Time OUI address is aging out OUI Config Required. On VLAN→802.1Q VLAN→VLAN Config Optional. On QoS→Voice VLAN→OUI Config page, youRequired. On QoS→Voice VLAN→Port Config Required. On QoS→Voice VLAN→Global Config ACL Config ACLACL Summary ACL Create MAC ACL ¾ Create ACL¾ Create MAC ACL Rule ID Standard-IP ACL Extend-IP ACL¾ Create Standard-IP ACL Mask Policy Config Policy Summary¾ Create Extend-IP ACL IP Protocol Policy Create Action CreateIndex Displays the index of the policy Displays the ID of the ACL contained in the policy Policy Binding Binding Table¾ Create Action ¾ Policy Bind Table Port Binding Vlan BindingInterface Direction Displays the binding direction ¾ VLAN-Bind Config Application Example for ACLEnter the ID of the Vlan you want to bind ¾ VLAN-Bind Table On ACL→ACL Config→ACL Create page, create ACL On ACL→ACL Config→Standard-IP ACL page, select ACL Limit2 Snmp ¾ Snmp Overview¾ Snmp Management Frame ¾ Snmp Versions ¾ Snmp Configuration Outline ¾ MIB Introduction Snmp Config Snmp Config, Notification and Rmon Snmp View Snmp GroupMIB Object ID View Type ¾ Group Config Snmp Group Following entries are displayed on this screen Snmp User ¾ Group Table Auth Mode Auth PasswordPrivacy Mode Privacy Password Access Snmp CommunityCommunity Name MIB View Required. On the SNMP→SNMP Config→Global Required. On the SNMP→SNMP Config→SNMPConfig→Global Config page, enable Snmp On the SNMP→SNMP Config→SNMP Notification ¾ Create NotificationIP Address UDP Port Timeout RmonRetry ¾ Notification Table Rmon Group Function History Control¾ History Control Table Alarm Config Event Config¾ Event Table Variable Sample TypeRising Threshold Rising Event 131 System Monitor MaintenanceCPU Monitor Memory Monitor 12.2 LogLevel Description Log Table Level Description Debugging¾ Log Info Time ¾ Local Log Config Local LogLog Buffer Log File Backup Log Remote Log¾ Log Host Host IP Device Diagnostics ¾ Backup LogCable Test ¾ Cable Test Network Diagnostics Loopback Ping ¾ Ping ConfigTracert ¾ Tracert Config 10 Tracert Following entries are displayed on this screen Appendix a Specifications Appendix B Configuring the PCs Configure TCP/IP component Now Appendix C Glossary Multicast Switching Remote Authentication Dial-in User Service RadiusIgmp Snooping Igmp Query Rapid Spanning Tree Protocol Rstp Simple Network Management Protocol SnmpSimple Network Time Protocol Sntp Spanning Tree Algorithm STA