session is permitted.

2.Define the Console, Telnet, and Secure Telnet (SSH) fields.

3.Map the authentication method in the Secure HTTP selection box.

4.Map the authentication method in the HTTP selection box.

5.Click . The authentication mapping is saved, and the device is updated.

5.1.1.5 Defining TACACS+ Host Settings

Terminal Access Controller Access Control System (TACACS+) provides centralized security user access validation. The system supports up-to 4 TACACS+ servers.

TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services:

Authentication — Provides authentication during login and via user names and user-defined passwords.

Authorization — Performed at login. Once the authentication session is completed, an authorization session starts using the authenticated user name.

The TACACS+ protocol ensures network integrity through encrypted protocol exchanges between the client and TACACS+ server.

Note:

The TACACS+ default parameters are user-assigned defaults. The default settings are applied to newly defined TACACS+ servers. If default values are not defined, the system defaults are applied to the new TACACS+ servers.

To define TACACS+ authentication settings:

1.Click Security > Management Security > Authentication > TACACS+. The TACACS+ Page opens:

Figure 33: TACACS+ Page

The Default Parameters section contains the following fields:

Source IP Address — Defines the default device source IP address used for the TACACS+ session between the device and the TACACS+ server.

Key String (1-128 Characters) — Defines the authentication and encryption key for TACACS+

communications between the device and the TACACS+ server. This key must match the encryption used on the TACACS+ server.

Timeout for Reply — Defines the default time that passes before the connection between the device and the TACACS+ times out. The default is 5.

The TACACS+ Page also contains the following fields:

Host IP Address — Defines the TACACS+ Server IP address.

Priority — Defines the order in which the TACACS+ servers are used. The field range is 0-65535. The default is 0.

Source IP Address — Defines the device source IP address used for the TACACS+ session between the device and the TACACS+ server.

Authentication Port (0-65535)— Defines the port number via which the TACACS+ session occurs. The default port is port 49.

2 7

Page 33 Page 35
Page 34
Image 34
TP-Link TL-SL3428 manual Defining TACACS+ Host Settings, Session is permitted, To define TACACS+ authentication settings
Page 33 Page 35

TL-SG3109, TL-SL3428, TL-SL3452 specifications

The TP-Link TL-SL3428 is a feature-rich Ethernet switch designed for small to medium-sized business environments. It is part of TP-Link’s JetStream series, which emphasizes reliability, performance, and robust management capabilities. Built with 28 10/100/1000 Mbps ports, the TL-SL3428 provides sufficient bandwidth to support a wide range of network applications.

One of the standout features of the TL-SL3428 is its support for Layer 2 management protocols. This allows for more granular control and optimized performance across network segments. The switch supports VLAN (Virtual Local Area Network) segmentation, which enhances network security and efficiency by isolating various types of traffic. This feature is particularly useful in larger organizations where different departments or teams may require separate network environments.

The TL-SL3428 also includes advanced QoS (Quality of Service) capabilities. This functionality prioritizes traffic based on predefined rules, which ensures that critical applications receive the necessary bandwidth to function optimally. With QoS implementation, users can experience minimized latency, leading to better performance in VoIP and video conferencing applications.

In terms of redundancy and reliability, the switch also supports Link Aggregation Control Protocol (LACP), enabling multiple connections to be combined for increased bandwidth and failover support. This feature significantly enhances network resilience, ensuring minimal downtime during failures.

Power over Ethernet (PoE) support is another important characteristic of the TL-SL3428. With PoE capabilities, this switch can deliver electrical power along with data over the same Ethernet cable, simplifying installation and reducing the need for additional wiring. This is especially advantageous for IP devices like cameras, access points, and VoIP phones.

Security features are abundant in the TL-SL3428 as well. It implements port security, storm control, and DHCP snooping, all of which contribute to a secure network infrastructure. The switch’s management capabilities can be accessed through a user-friendly web interface, making it easier for IT administrators to configure and monitor network activities.

Overall, the TP-Link TL-SL3428 is an exemplary choice for businesses looking to enhance their network performance with advanced management features, security protocols, and reliability. Its combination of speed, flexibility, and manageability make it a valuable tool for any growing organization.
Top Page Image Contents