Manuals / TP-Link / Computer Equipment / Network Router

TP-Link TL-SG3109 SNMP v1 and v2c, Snmp, Defining SNMP Security, Configuring SNMP Management

Models: TL-SG3109 TL-SL3428 TL-SL3452

1 120

Download 120 pages 18.36 Kb

Page 77

Section 11. Configuring SNMP Management

Section 11. Configuring SNMP Management

Simple Network Management Protocol (SNMP) provides a method for managing network devices. The device supports the following SNMP versions:

SNMP version 1

SNMP version 2c

SNMP version 3

11.1 SNMP v1 and v2c

The SNMP agents maintain a list of variables, which are used to manage the device. The variables are defined in the Management Information Base (MIB). The SNMP agent defines the MIB specification format, as well as the format used to access the information over the network. Access rights to the SNMP agents are controlled by access strings.

11.2 SNMP v3

SNMP v3 applies access control and a new traps mechanism. In addition, User Security Model (USM) parameters are defined for SNMPv3, including:

Authentication — Provides data integrity and data origin authentication.

Privacy — Protects against the disclosure of message content. Cipher Block-Chaining (CBC) is used for encryption. Either authentication is enabled on a SNMP message, or both authentication and privacy are enabled on a SNMP message. However, privacy cannot be enabled without authentication.

Timeliness — Protects against message delay or message redundancy. The SNMP agent compares incoming message to the message time information.

Key Management — Defines key generation, key updates, and key use.

The device supports SNMP notification filters based on Object IDs (OIDs). OIDs are used by the system to manage device features.

SNMP v3 supports the following features:

Security

Feature Access Control

Traps

The device generates the following traps:

Copy trap

This section contains the following topics:

Defining SNMP Security

Configuring SNMP Notification Settings

11.3 Defining SNMP Security

This section describes configuring of SNMP security parameters, and contains the following topics:

Defining SNMP Global Parameters

Defining SNMP Views

Defining SNMP Group Profiles

70

Image 77

TP-Link TL-SG3109, TL-SL3452, TL-SL3428 manual SNMP v1 and v2c, Snmp, Defining SNMP Security, Configuring SNMP Management

Contents

Embedded Web System User Guide TL-SG3109 9-port Gigabit Managed Switch TL-SL342824+4G Gigabit Managed Switch TL-SL3452 48+4G Gigabit Managed Switch COPYRIGHT & TRADEMARKS SAFETY NOTICESFCC STATEMENT EC DECLARATION OF CONFORMITY EUROPESection 3. Setting the System Time TABLE OF CONTENTSSection 4. Configuring System Logs Section 2. Defining Device InformationSection 6. Defining IP Addresses Section 5. Configuring Device Security5.1.1.5 Defining TACACS+ Host Settings 5.1.1.6 Defining RADIUS Server SettingsSection 9. Configuring the Spanning Tree Protocol Section 7. Configuring InterfacesSection 10. Configuring Multicast Forwarding Section 11. Configuring SNMP ManagementSection 13. Managing System Files Section 12. Configuring Quality of Service11.4 Configuring SNMP Notification Settings 11.3.1 Defining SNMP Global ParametersGlossary Section 14. Performing Device DiagnosticsSection 15. Viewing Statistics Guide Overview PrefaceIntended Audience 1.2 Starting the TP-Link Embedded Web Interface 1.1 Configuring the device to use TP-Link Embedded Web InterfaceSection 1. Getting Started Figure 1 Login Page 1.3 Understanding the TP-Link Embedded Web Interface5. Click . The TP-Link Embedded Web Interface Home Page opens Figure 2 TP-Link Embedded Web Interface Home Page1.3.1 Device Representation 1.3.2 Using the TP-Link Embedded Web Interface Management ButtonsTable 2 TP-Link Web Interface Configuration Management Buttons Figure 3 Device Representation Figure 3Device Representation1.5 Deleting Configuration Information 1.4 Using Screen and Table Options1.4.1 Adding Configuration Information 1.4.2 Modifying Configuration Information1.7 Logging Off from the Device 1.6 Resetting the Device1. Click System General Reset. The Reset Page opens Figure 7 Reset Page2. Define the System Name, System Location and System Contact fields Section 2. Defining Device InformationFigure 10System Description Page 3.1 Configuring Daylight Savings Time Section 3. Setting the System TimeFigure 11 System Information Time Page Date - The date on which DST begins. The possible field range is Daylight SavingsRecurring 2. Define the Date, Local Time and Time Zone Offset fields3.2.1 SNTP Overview 3.2 Configuring SNTP3.2.1.1 Polling for Unicast Time Information 3.2.1.2 Polling for Anycast Time InformationFigure 12 SNTP Properties Page 3.2.2 Defining SNTP Global Settings3.2.3 Configuring SNTP Authentication Figure 13 SNTP Authentication Page 3.2.4 Defining SNTP ServersThe SNTP Authentication Page contains the following fields 2. Check the Enable SNTP Authentication checkboxFigure 15 SNTP Servers Page 3.2.5 Defining SNTP Interface Settings2. Click . The Add SNTP Server Page opens Figure 16 Add SNTP Server PageThe SNTP Interface Settings Page contains the following fields Figure 17 SNTP Interface Settings Page4. Check the Receive Server Updates option 2. Click . The Add SNTP Interface Page opens4.1 Defining General Log Properties Section 4. Configuring System LogsTable 4 System Log Severity Levels Severity4.3 Viewing Flash Logs 4.2 Viewing Memory LogsFigure 19 Syslog Properties Page  SeverityFigure 21 Syslog Flash Page 4.4 Defining System Log ServersFigure 22 Syslog Servers Page 2. Click . The Add Syslog Server Page opensFigure 23 Add Syslog Server Page 4. Click . The Log server is defined and the device is updated5.1 Configuring Management Security Section 5. Configuring Device Security5.1.1 Configuring Authentication Methods 5.1.1.1 Defining Access ProfilesFigure 25 Add Access Profile Page Figure 24 Access Profile Page2. Click . The Add Access Profile Page opens Figure 26 Profile Rules Page 5.1.1.2 Defining Profile Rules2. Click . The Profile Rule Settings Page opens 5.1.1.3 Defining Authentication ProfilesFigure 28 Profile Rule Settings Page Figure 29 Authentication Profiles Page2. Click . The Add Authentication Profile Page opens 5.1.1.4 Mapping Authentication ProfilesFigure 30 Add Authentication Profile Page 2. Click . The Authentication Profile Settings Page opensThe Authentication Mapping Page contains the following fields Figure 32 Authentication Mapping PageFigure 33 TACACS+ Page 5.1.1.5 Defining TACACS+ Host Settings2. Define the Console, Telnet, and Secure Telnet SSH fields 3. Click . The TACACS+ Host Settings Page opens 5.1.1.6 Defining RADIUS Server SettingsFigure 35 TACACS+ Host Settings Page 2. Click . The Add TACACS+ Host Page opensFigure 37 Add Radius Server Page Figure 36 Radius Page2. Click . The Add Radius Server Page opens 5.1.2.1 Defining Local Users 5.1.2 Configuring Passwords1. Click . The RADIUS Server Settings Page opens Figure 38 RADIUS Server Settings Page5.1.2.2 Defining Line Passwords 5.2 Configuring Network Security5.1.2.3 Defining Enable Passwords Figure 41 Line Password Page5.2.1.1 Port-Based Authentication 5.2.2 Defining Network Authentication Properties5.2.1.2 Advanced Port-Based Authentication 5.2.1 Network Security OverviewFigure 43 Network Security Authentication Properties Page 5.2.2.1 Defining Port Authentication PropertiesFigure 44 Port Authentication Page VLAN IDFigure 45 Port Authentication Settings Page 5.2.2.2 Configuring Multiple Hosts2. Click . The Port Authentication Settings Page opens 2. Click . The Multiple Host Settings Page opens 5.2.2.3 Defining Authentication HostsFigure 47 Multiple Host Settings Page The Authenticated Hosts Page contains a list of authenticated usersFigure 48 Authenticated Hosts Page 5.2.3 Configuring Traffic Control5.2.3.1 Managing Port Security 1. Click . The Port Security Settings Page opens 5.2.3.2 Enabling Storm ControlFigure 50 Port Security Settings Page Figure 49 Port Security Page3. Select the Port Storm Control Settings Figure 52 Storm Control Settings Page4. Click Enable Broadcast Control, and define the Rate Threshold Figure 51 Storm Control Page6.1 Defining IP Addressing Section 6. Defining IP Addresses6.1.1 Defining IP Addresses Figure 53 IP Interface Page6.1.3 Defining DHCP Addresses 6.1.2 Defining the Default Gateway2. Click . The IP Interface Settings Page opens Figure 55 IP Interface Settings PageFigure 57 DHCP Page 6.1.4 Defining ARPFigure 58 Add IP Interface Page Figure 59 ARP Page6.2.1 Defining DNS Servers 6.2 Defining Domain Name System Default Domain Name - Specifies the user-defined DNS server name 3. Define the Clear ARP Table Entries parameter3. Define the Default Domain Name 6.2.2 Configuring Host Mapping4. Click . The Add DNS Server Page opens Figure 62 Add DNS Server Page3. Enter the Host Name and IP Address Figure 64 Add DNS Host PageFigure 65 Interface Configuration Page Section 7. Configuring Interfaces7.1 Configuring Ports MDI Media Dependent Interface - Use for end stations Figure 66 Interface Configuration Settings Page7.2.1 Defining LAG Members 7.2 Configuring LAGs1. Click . The LAG Membership Settings Page opens Figure 67 LAG Membership PageFigure 68 LAG Membership Settings Page 7.2.2 Configuring LACPThe LAG Membership Settings Page contains the following fields 2. Click . The LACP Parameters Settings Page opens7.3.1 Defining VLAN Properties 7.3 Configuring VLANsFigure 70 LACP Parameters Settings Page 3. Define the Port Priority and LACP Timeout settings2. Modify the VLAN Name and Disable Authentication fields 7.3.2 Defining VLAN MembershipFigure 71 VLAN Member Properties Page The VLAN Member Properties Page contains the following fieldsFigure 75 VLAN Interface Settings Page 7.3.3 Defining VLAN Interface SettingsThe VLAN Interface Settings Page contains the following fields Figure 74 VLAN Member Membership Page7.3.4.1 Defining GARP 7.3.4 Configuring GARP1. Click . The VLAN / LAG Interface Settings Page opens Figure 76 VLAN / LAG Interface Settings PageFigure 77 GARP Parameters Page 7.3.5 Defining GVRPFigure 78 GARP Parameters Settings Page Figure 79 GVRP Parameters Page Figure 80 GVRP Parameters Settings PageFigure 81 Forwarding Database Static Addresses Page 8.1 Configuring Static AddressesSection 8. Defining the Forwarding Database 2. Click . The Add Forwarding Database Page opens 8.2 Configuring Dynamic Forwarding AddressesFigure 82 Add Forwarding Database Page Figure 83 Dynamic Addresses Page3. Select an Address Table Sort Key 2. Select the Interface, the MAC Address, and the VLAN ID9.1.1 Defining STP Properties 9.1 Configuring the Classic STPSection 9. Configuring the Spanning Tree Protocol 1. Click System Bridging Info Spanning Tree STP2. Complete the Spanning Tree State and Bridge Settings fields 9.1.2 Defining STP Interface SettingsThe STP Interface Settings Page contains the following fields Figure 85 STP Interface Settings Page1. Click . The STP Interface Settings Page opens Figure 86 STP Interface Settings PageFigure 87 RSTP Page 9.2 Configuring the Rapid STP9.3.1 Defining MSTP Properties 9.3 Configuring the Multiple STP2. Click . The RSTP Settings Page opens Figure 88 RSTP Settings PageFigure 90 MSTP Instance Settings Page 9.3.2 Configuring MSTP InstancesThe MSTP Instance Settings Page page contains the following fields Figure 89 MSTP Properties Page9.3.4 Configuring MSTP Interface Settings 9.3.3 Configuring MSTP VLAN InstancesMSTP VLAN Instance Configuration Page opens Figure 91 MSTP VLAN Instance Configuration Page3. Modify the Port Priority and Path Cost Figure 93 MSTP Interface Settings PageFigure 94 IGMP Snooping Page Section 10. Configuring Multicast Forwarding10.1 Configuring Multicast Forwarding 2. Click the Enable IGMP Snooping Status checkbox 10.2 Defining Multicast Bridging Groups1. Click . The Multicast Global Parameters Settings Page opens Figure 95 Multicast Global Parameters Settings Page2. Click . The Multicast Group Settings Page opens Table 5 IGMP Port/LAG Members Table Control SettingsFigure 98 Multicast Group Settings Page Port ControlFigure 99 Multicast Forward All Page 10.3 Defining Multicast Forward All ParametersThe Multicast Forward All Page contains the following fields Port Control11.2 SNMP 11.1 SNMP v1 and v2c11.3 Defining SNMP Security Section 11. Configuring SNMP Management11.3.2 Defining SNMP Views 11.3.1 Defining SNMP Global Parameters2. Define the Local Engine ID and Use Default fields Figure 100 SNMP Security Global Parameters Page2. Click . The Add SNMP View Page opens 11.3.3 Defining SNMP Group ProfilesFigure 102 Add SNMP View Page Figure 103 SNMP Security Group Profile Page2. Click . The SNMP Group Profile Settings Page opens 11.3.4 Defining SNMP Group MembersFigure 105 SNMP Group Profile Settings Page 2. Click . The Add SNMP Group Profile Page opens2. Click . The SNMP Group Membership Settings Page opens  Authentication Method - Defines the SNMP authentication methodFigure 108 SNMP Group Membership Settings Page Figure 107 Add SNMP Group Membership Page11.3.5.1 SNMP Communities Basic Table 11.3.5 Defining SNMP Communities11.3.5.2 SNMP Communities Advanced Table Figure 109 SNMP Security Communities Page11.4.1 Defining SNMP Notification Properties 11.4 Configuring SNMP Notification Settings11.4.2 Defining Notification Filters Figure 111 SNMP Community Settings PageFigure 113 SNMP Notification FiIter Page 11.4.3 Defining Notification ReceiversThe SNMP Notification FiIter Page contains the following fields 2. Click . The Add SNMP Notification Filter Page opens11.4.3.2 SNMPv3 Notification Recipient 11.4.3.1 SNMPv1,2c Notification RecipientFigure 115 SNMP Notification Receiver Page The SNMP Notification Receiver Page c is divided into theFigure 117 SNMP Notification Receiver Settings Page 2. Click . The SNMP Notification Receiver Settings Page opensUPD Port, Filter Name, TImeout, and Retries fields 2. Click . The Add SNMP Notification Receiver Page opens12.1.1 Mapping to Queues Section 12. Configuring Quality of Service12.1 Quality of Service Overview Table 7 VPT Default Mapping Table 12.1.2 QoS ModesTable 8 DSCP Default Mapping Table VPT Value12.2.1 Enabling Quality of Service 12.2 Enabling Quality of Service12.1.2.1 Basic QoS Mode 12.1.2.2 Advanced QoS ModeFigure 119 QoS Interface Settings Page 12.2.2 Defining QueuesFigure 118 CoS Settings Page 12.3.1 Mapping CoS Values to Queues 12.3 Mapping Queues12.3.2 Mapping QoS Values to Queues Figure 120 QoS Queue Settings PageFigure 122 DSCP to Queue Page 13.1 Downloading System Files Section 13. Managing System Files13.1.1 Download Type Figure 123 File Download Page13.2 Uploading System Files 13.1.3 Configuration Download13.1.2 Firmware Download 13.2.1 Upload Type13.3 Activating Image Files 13.2.3 Configuration Upload13.4 Copying System Files 13.2.2 Software Image UploadFigure 126 Copy Files Page 2. Select Copy Configuration2. Select Restore Configuration Factory Defaults 14.1 Configuring Port Mirroring Section 14. Performing Device DiagnosticsFigure 127 Port Mirroring Page Figure 128 Add Port Mirroring Page1. Click . The Port Mirroring Settings Page opens 14.2 Viewing Integrated Cable TestsFigure 129 Port Mirroring Settings Page Figure 130 Copper Cable PageThe Optical Transceivers Page contains the following fields 14.3 Viewing Optical TransceiversFigure 131 Optical Transceivers Page 15.1 Viewing Interface Statistics Section 15. Viewing Statistics15.1.1 Viewing Device Interface Statistics Receive StatisticsTransmit Statistics 15.1.2 Viewing Etherlike Statistics1. Open the Interface Statistics Page Figure 133 Etherlike Statistics PageFigure 134 GVRP Statistics Page 15.1.3 Viewing GVRP Statistics1. Open the Etherlike Statistics Page 15.1.4 Viewing EAP Statistics 15.2 Managing RMON Statistics1. Open the GVRP Statistics Page Figure 135 EAP Statistics PageFigure 136 RMON Statistics Page 15.2.1 Viewing RMON Statistics15.2.2.1 Defining RMON History Control 15.2.2 Configuring RMON History1. Open the RMON Statistics Page Figure 137 RMON History Control PageFigure 138 Add History Entry User Page 15.2.2.2 Viewing the RMON History Table1. Open the RMON History Control Page 2. Click . The Edit Local History Entry User Page opens15.2.3.1 Defining RMON Events Control 15.2.3 Configuring RMON EventsFigure 141 RMON Events Control Page The RMON Events Control Page contains the following fields15.2.3.2 Viewing the RMON Events Logs 15.2.4 Defining RMON Alarms1. Click System Statistics RMON Alarm. The RMON Alarm Page opens Figure 145 RMON Alarm Page1. Click . The Edit RMON Alarm User Page opens 2. Click . The Add RMON Alarm User Page opensFigure 146 Add RMON Alarm User Page 2. Modify the fields Figure 147 Edit RMON Alarm User PageAccess Mode GlossaryAccess Profile Authentication ProfileBootP Boot VersionClass of Service TermTerm Duplex ModeDefinition ClientDefinition TermEthernet FIFODefinition TermICMP IDRPTerm authenticates the origin of the communicationDefinition limited geographical areaDefinition TermNode OSPFRJ-45 Connector RJ-11 ConnectorRunning Configuration Stand-alone ModeDefinition TermSubnet Mask TCP/IPE-mail support@tp-link.com